The codebase has very few VLAs, and if we can get rid of them all we can make the compiler error on new additions. This is a defensive measure against security bugs where an on-stack dynamic allocation isn't correctly size-checked (e.g. CVE-2021-3527).
This patchset fixes some places in the spice and vnc UI frontends that were doing on-stack allocations. For the vnc-enc-hextile case we can make the array fixed size; for the other two places we switch to a heap allocation.

Disclaimer: tested only with compile + make check, which doesn't actually exercise the UI frontends.

thanks
-- PMM

Peter Maydell (2):
  ui/spice-display: Avoid dynamic stack allocation
  ui/vnc-enc-hextile: Use static rather than dynamic length stack array

Philippe Mathieu-Daudé (1):
  ui/vnc-enc-tight: Avoid dynamic stack allocation

 ui/vnc-enc-hextile-template.h |  8 +++++++-
 ui/spice-display.c            |  3 ++-
 ui/vnc-enc-tight.c            | 11 ++++++-----
 3 files changed, 15 insertions(+), 7 deletions(-)

--
2.34.1
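
An added illustration, not code from this patchset or from QEMU, of the two kinds of fix the cover letter names: a worst-case fixed-size array and a heap allocation. The function names, TILE_DIM and MAX_BPP are assumptions made for the sketch; building with the GCC/Clang option -Werror=vla is what turns any new VLA into a compile error.

```c
/* Added illustration: hypothetical names, not QEMU code. Build with -Werror=vla. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define TILE_DIM 16
#define MAX_BPP  4   /* assumed worst-case bytes per pixel for this sketch */

/* Before: "uint8_t data[bpp * TILE_DIM * TILE_DIM];" sizes the stack frame
 * from a runtime value, so an unchecked bpp moves the stack pointer by an
 * unchecked amount. */

/* Fix 1: worst-case fixed-size array plus an explicit bound on the input. */
long tile_sum_fixed(const uint8_t *pixels, unsigned bpp)
{
    uint8_t data[MAX_BPP * TILE_DIM * TILE_DIM];
    long sum = 0;

    if (bpp == 0 || bpp > MAX_BPP) {
        return -1;                       /* array was not sized for this */
    }
    size_t n = (size_t)bpp * TILE_DIM * TILE_DIM;
    memcpy(data, pixels, n);
    for (size_t i = 0; i < n; i++) {
        sum += data[i];
    }
    return sum;
}

/* Fix 2: no sane compile-time bound, so allocate on the heap, reject
 * width * bpp overflow, and turn allocation failure into an error. */
long row_sum_heap(const uint8_t *row, size_t width, size_t bpp)
{
    long sum = 0;

    if (width == 0 || bpp == 0 || width > SIZE_MAX / bpp) {
        return -1;
    }
    size_t n = width * bpp;
    uint8_t *tmp = malloc(n);
    if (tmp == NULL) {
        return -1;
    }
    memcpy(tmp, row, n);
    for (size_t i = 0; i < n; i++) {
        sum += tmp[i];
    }
    free(tmp);
    return sum;
}
```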