On 18/8/23 17:10, Peter Maydell wrote:
> Use an autofree heap allocation instead of a variable-length
> array on the stack in qemu_spice_create_update().
>
> The codebase has very few VLAs, and if we can get rid of them all we
> can make the compiler error on new additions. This is a defensive
> measure against security bugs where an on-stack dynamic allocation
> isn't correctly size-checked (e.g. CVE-2021-3527).
>
> Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
> ---
> I was a little unsure about this allocation given that it's
> in the display_refresh callback, but the code already does
> a g_malloc() every time it calls qemu_spice_create_one_update()
> so one more presumably won't hurt.
> ---
>  ui/spice-display.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
Reviewed-by: Philippe Mathieu-Daudé <phi...@linaro.org>
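For readers unfamiliar with the pattern the commit message describes, the following is an added, stand-alone illustration (not QEMU code and not the patch itself) of replacing a VLA sized by a caller-controlled value with a bounded, automatically freed heap allocation. GLib's g_autofree is a cleanup-attribute macro; the example defines an equivalent `autofree` attribute directly so it builds without GLib, and `process_row_vla`, `process_row_heap`, `sum_row` and `MAX_ROW_BYTES` are hypothetical names. Once no VLAs remain, GCC and Clang can reject new ones with `-Werror=vla`.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not QEMU code. g_autofree expands to a cleanup
 * attribute like this one; defined here so the example has no GLib dependency. */
static void free_ptr(void *pp) { free(*(void **)pp); }
#define autofree __attribute__((cleanup(free_ptr)))

/* Hypothetical per-row work: sum the bytes of a row of 'width' pixels. */
static uint32_t sum_row(const uint8_t *row, size_t width) {
    uint32_t s = 0;
    for (size_t i = 0; i < width; i++) s += row[i];
    return s;
}

/* Before: a VLA sized by a value the caller supplies. If 'width' is not
 * bounded elsewhere, the stack allocation itself is the overflow. */
static uint32_t process_row_vla(const uint8_t *src, size_t width) {
    uint8_t row[width];               /* on-stack dynamic allocation */
    memcpy(row, src, width);
    return sum_row(row, width);
}

/* After: explicit size check, then a heap buffer released on every return
 * path by the cleanup attribute; an oversized request fails instead of
 * silently growing the stack. */
#define MAX_ROW_BYTES 4096
static int process_row_heap(const uint8_t *src, size_t width, uint32_t *out) {
    if (width == 0 || width > MAX_ROW_BYTES) {
        return -1;                    /* reject before allocating */
    }
    autofree uint8_t *row = malloc(width);
    if (!row) {
        return -1;
    }
    memcpy(row, src, width);
    *out = sum_row(row, width);
    return 0;                         /* 'row' freed automatically here */
}

/* Stand-alone demo on a constructed 8-byte row; returns 0 on success. */
static int demo(void) {
    const uint8_t sample[8] = {1, 2, 3, 4, 5, 6, 7, 8};   /* constructed input */
    uint32_t out = 0;
    if (process_row_heap(sample, sizeof sample, &out) != 0 || out != 36) return 1;
    if (process_row_heap(sample, MAX_ROW_BYTES + 1, &out) != -1) return 2;
    if (process_row_vla(sample, sizeof sample) != 36) return 3;
    return 0;
}
```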