Hi, everyone. I see that alloca() is used in three files in 1.01 and four in 1.1.0. As far as I can tell, this function is not standard and hence not supported on many platforms, including my embedded one. Moreover, it can blow the stack if the amount allocated is too large, something that seems easy to occur and difficult to detect and recover from at runtime.
Are we sure that using alloca() is the right thing to do? Is there any alternative to replacing it with OPENSSL_malloc() and adding an OPENSSL_free()? Thanks, Paul ________________________________________________________________________ _____________________________ Paul A. Suhler | Firmware Engineer | Quantum Corporation | Office: 949.856.7748 | paul.suh...@quantum.com Preserving the World's Most Important Data. Yours.(tm) ---------------------------------------------------------------------- The information contained in this transmission may be confidential. Any disclosure, copying, or further distribution of confidential information is not permitted unless such privilege is explicitly granted in writing by Quantum. Quantum reserves the right to have electronic communications, including email and attachments, sent across its networks filtered through anti virus and spam software programs and retain such messages in order to comply with applicable data security and retention requirements. Quantum is not responsible for the proper and complete transmission of the substance of this communication or for any delay in its receipt.
