On Thu, Aug 31, 2023 at 10:26:17AM +0200, Philippe Mathieu-Daudé wrote: > Cc'ing qemu-block@ (I suppose this will go via a block tree)
Makes sense. I can queue it through my NBD tree if no one else beats me (since the nbd code is a heavy user of iovs). > > On 24/8/23 18:47, Peter Maydell wrote: > > From: Philippe Mathieu-Daudé <phi...@redhat.com> > > > > Use autofree heap allocation instead of variable-length array on the > > stack. > > > > The codebase has very few VLAs, and if we can get rid of them all we > > can make the compiler error on new additions. This is a defensive > > measure against security bugs where an on-stack dynamic allocation > > isn't correctly size-checked (e.g. CVE-2021-3527). > > -- Eric Blake, Principal Software Engineer Red Hat, Inc. Virtualization: qemu.org | libguestfs.org
