On Mon, 2009-11-30 at 10:58 -0800, Jeremy Huddleston wrote:
> On Nov 30, 2009, at 08:41, Keith Packard wrote:
> > As a reminder to others -- alloca should never be used in the X server;
> > it cannot be relied upon to return NULL on failure, doing various things
> > from crashing the application to overwriting other parts of the
> > application.
>
> Wow, I didn't even realize it was being used in XQuartz. alloca does
> return NULL on failure on OSX, so it's not as much of a problem here,
> but this should make things more consistent. I'll get you a patch in
> a few.

There are two cases where alloca() can misbehave. One is when you're out of stack, which you can reasonably guard against. The other is when the quantity you've computed to allocate has overflowed, and you allocate 32 bytes when you thought you were allocating 4G+32 bytes. The latter is the sort of bug that gets a CVE number instead of just a bugzilla number.

- ajax

_______________________________________________
xorg-devel mailing list
xorg-devel@lists.x.org
http://lists.x.org/mailman/listinfo/xorg-devel
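
The overflow case described in the reply above, as an added example that is not part of the original thread or of the X server code: the size computation wraps to 32 bytes for a 4G+32 request, and a checked version rejects it before any allocation is chosen. The 32-bit size arithmetic is modelled with `uint32_t`, and `HDR_BYTES`, `STACK_ALLOC_MAX` and all function names are hypothetical.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define HDR_BYTES       32u    /* constructed: fixed header before the payload */
#define STACK_ALLOC_MAX 4096u  /* assumed cap on what may live on the stack */

typedef enum { ALLOC_REJECT, ALLOC_STACK, ALLOC_HEAP } alloc_plan;

/* Size as unchecked 32-bit arithmetic computes it: wraps modulo 2^32. */
uint32_t unchecked_size(uint32_t count, uint32_t elem)
{
    return count * elem + HDR_BYTES;
}

/* Returns false when count * elem + HDR_BYTES does not fit in 32 bits. */
bool checked_size(uint32_t count, uint32_t elem, uint32_t *out)
{
    if (elem != 0 && count > (UINT32_MAX - HDR_BYTES) / elem)
        return false;
    *out = count * elem + HDR_BYTES;
    return true;
}

/* Decide where a request may be satisfied; overflowed sizes are refused,
 * and anything above the cap goes to the heap, where failure is reported. */
alloc_plan plan_alloc(uint32_t count, uint32_t elem, uint32_t *bytes)
{
    if (!checked_size(count, elem, bytes))
        return ALLOC_REJECT;
    return *bytes <= STACK_ALLOC_MAX ? ALLOC_STACK : ALLOC_HEAP;
}

int main(void)
{
    /* Constructed input: 1G elements of 4 bytes each, i.e. 4G + 32 bytes. */
    uint32_t count = 0x40000000u, elem = 4u, bytes = 0;

    printf("unchecked size: %u bytes\n", (unsigned)unchecked_size(count, elem));
    if (plan_alloc(count, elem, &bytes) == ALLOC_REJECT)
        printf("checked: request rejected, size overflows\n");
    if (plan_alloc(16u, elem, &bytes) == ALLOC_STACK)
        printf("checked: %u bytes fit under the stack cap\n", (unsigned)bytes);
    return 0;
}
```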