IIRC, the windows version of alloca() does return an error (or throws an exception), but the GNU version just inline's it as a sub esp and allows unbounded evilness. The most likely abuse case would be an arbitrary-deep recursive function where the alloca() size is static. If you can push the heap address up high enough, you could even cause alloca() to return a pointer into a valid heap :-)
-HD On Wednesday 01 November 2006 13:31, khorben wrote: > so... wtf? For or against alloca(), I would be interested in your take > about this. _______________________________________________ darklab mailing list [email protected] http://lists.darklab.org/cgi-bin/mailman/listinfo/darklab
