Hello, Samuel.

On 2016-03-15 13:31, Samuel Thibault wrote:
Justus Winter, on Tue 15 Mar 2016 14:39:00 +0100, wrote:
Quoting Agustina Arzille (2016-03-15 14:11:27)
> Hello, everyone.
>
> I was browsing some gnumach source files, and noticed some dangerous use
> of the gcc builtin 'alloca'. In the file kern/bootstrap.c, lines 212 and
> 228, we have the following statement:
>
> memcpy (alloca (len), ...)

Good catch.  However, alloca is dangerous even if used correctly, and
is best be avoided.

What do you mean by "dangerous"? I don't think we'll ever get a command
line that does not fit into the stack.

Samuel

That's not what I meant. Stack overflow is clearly very unlikely, if not
impossible. What I meant about 'dangerous' is the fact that alloca is being
used inside the list of arguments of a function call, which can lead to
subtle bugs, because alloca modifies the SP register, which is also being
modified by the function arguments being pushed into the stack.

See: http://man7.org/linux/man-pages/man3/alloca.3.html ,
specifically, the section 'BUGS'.

Reply via email to