On Fri, Jul 29, 2016 at 5:30 AM, Aldy Hernandez <al...@redhat.com> wrote:
> At least a cursory look at gcc/gcc-ar.c has us doing:
>
> self = getenv ("GCC_EXEC_PREFIX");
> ...
> self_exec_prefix = make_relative_prefix (self, ...
>
> So the alloca() in make_relative_prefix() can be called with the strlen of
> some random env var.
>
> Anyways... regardless... all unchecked alloca calls are bad ;-).
>
> OK pending GCC tests?This is OK. Thanks. Ian
