On 08/04/2016 08:26 PM, Jeff Law wrote:
> On 08/04/2016 01:21 PM, Pedro Alves wrote:
>> Most allocas I've seen in my life were written to simply build
>> strings at run time, while lazily avoiding to think about writing
>> a "free" call, rather than having been written for optimizing
>> some fast path, or for async-signal safe reasons.
> Right -- the problem is if those strings are potentially under user
> control or the bad guys can arrange to overflow a size computation
> feeding an alloca, then this stuff becomes a huge gaping security hole.
> We've seen this repeatedly within glibc.

Yup.

Thanks,
Pedro Alves
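
An added example, not part of the original message and not glibc's code: one way to replace the string-building alloca pattern discussed above, using an overflow-checked size computation and a fixed stack buffer that falls back to malloc. `joined_size`, `join_bounded` and `STACK_STRING_MAX` are hypothetical names, and the 256-byte cap is an assumed value.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STACK_STRING_MAX 256 /* assumed cap: larger results go to the heap */

/* Pattern under discussion, for contrast (not compiled):
 *     char *s = alloca(strlen(a) + strlen(b) + 1);
 * The sum can wrap, and any caller-chosen length moves the stack pointer. */
/* Compute la + lb + 1 without wrapping. Returns 0, or -1 on overflow. */
int joined_size(size_t la, size_t lb, size_t *out)
{
    if (la > SIZE_MAX - 1 || lb > SIZE_MAX - 1 - la)
        return -1;
    *out = la + lb + 1;
    return 0;
}

/* Concatenate a and b into stackbuf if the result fits, else into malloc'd
 * memory (*on_heap says whether to free). NULL on overflow or no memory. */
char *join_bounded(const char *a, size_t la, const char *b, size_t lb,
                   char stackbuf[STACK_STRING_MAX], int *on_heap)
{
    size_t need;
    if (joined_size(la, lb, &need) != 0)
        return NULL;
    *on_heap = need > STACK_STRING_MAX;
    char *dst = *on_heap ? malloc(need) : stackbuf;
    if (dst == NULL)
        return NULL;
    memcpy(dst, a, la);
    memcpy(dst + la, b, lb);
    dst[la + lb] = '\0';
    return dst;
}

int main(void)
{
    char buf[STACK_STRING_MAX];
    int on_heap;
    char *s = join_bounded("/tmp/", 5, "report.txt", 10, buf, &on_heap); /* constructed input */
    if (s == NULL)
        return 1;
    puts(s);
    if (on_heap)
        free(s);
    return 0;
}
```

Stack use is bounded by `STACK_STRING_MAX` regardless of input length, and a wrapped size is rejected before any allocation happens.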