Virtually all current uses involve some form of user input, which means that the user can exploit the problem. When bar[2048] is used to create a buffer of a certain known size that never change, with alloca a buffer of undermined size is created in most cases.
The only 'safe' way to use the function would be to put it inside a wrapper that would check the size against some preset limit and based on that determine if alloca or emalloc should be used. The length would also need to be stored to allow the free wrapper to determine if efree() is needed. These safety checks may offset the miniscule speed advantage gained by using alloca anyway, especially when the length is being calculated inside alloca call. Ilia -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
