This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.
Re: Commit: Use of alloca considered dangerous
- From: "H.J. Lu" <hjl dot tools at gmail dot com>
- To: Paul Koning <Paul_Koning at dell dot com>
- Cc: Nick Clifton <nickc at redhat dot com>, Binutils <binutils at sourceware dot org>
- Date: Mon, 21 Mar 2016 11:01:36 -0700
- Subject: Re: Commit: Use of alloca considered dangerous
- Authentication-results: sourceware.org; auth=none
- References: <87mvprx079 dot fsf at redhat dot com> <B1F8A0EC-9D4D-459E-899A-5638E2CCE924 at dell dot com>
On Mon, Mar 21, 2016 at 9:56 AM, <Paul_Koning@dell.com> wrote:
>
>> On Mar 21, 2016, at 12:30 PM, Nick Clifton <nickc@redhat.com> wrote:
>>
>> Hi Guys,
>>
>> It was pointed out to me the other day that there are some unbounded
>> calls to alloca in the binutils, which in theory could lead to
>> exploits. So I tried adding -Wstack-usage=NNN to the command line and
>> discovered that gcc would complain about any use of alloca, even
>> bounded ones. Still they were easy to fix, and removing the use of
>> alloca, and variable length local arrays as well, seems like a good
>> idea.
>
> I agree that alloca() needs bounds checks, but I don't see why you say that avoiding alloca entirely is "a good idea".
>
>> So I am applying the attached patch. It enables -Wstack-usage when
>> -Werror is in effect.
>
> The documented meaning of -Werror is that it turns all (currently enabled) warnings into errors, nothing more. For it to have a side effect of enabling some not previously enabled warning is not a good idea.
>
It caused:
https://sourceware.org/bugzilla/show_bug.cgi?id=19851
--
H.J.
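
Added example, not part of this thread and not the committed binutils patch: the kind of change the thread discusses, with an input-sized alloca() shown beside a replacement whose stack use is a compile-time constant, so a -Wstack-usage=NNN limit can be checked against it. The section table, function names and the 128-byte limit are hypothetical.

```c
#include <alloca.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample data: a tiny section-name table. */
static const char *const sections[] = { ".text", ".rel.text", ".rel.data" };
#define NSECTIONS (sizeof sections / sizeof sections[0])

static int find_name(const char *key)
{
    for (size_t i = 0; i < NSECTIONS; i++)
        if (strcmp(sections[i], key) == 0)
            return (int) i;
    return -1;
}

/* Before: stack growth equals the length of `name`, which the input controls. */
static int find_prefixed_alloca(const char *prefix, const char *name)
{
    char *buf = alloca(strlen(prefix) + strlen(name) + 1);
    strcpy(buf, prefix);
    strcat(buf, name);
    return find_name(buf);
}

/* After: fixed stack buffer for the common case, heap beyond it.
   Returns the table index, -1 if absent, -2 on size overflow or OOM. */
#define STACK_MAX 128
static int find_prefixed_bounded(const char *prefix, const char *name)
{
    char small[STACK_MAX];
    size_t plen = strlen(prefix), nlen = strlen(name);
    if (plen >= SIZE_MAX - nlen)        /* plen + nlen + 1 would wrap */
        return -2;
    size_t need = plen + nlen + 1;
    char *buf = need <= sizeof small ? small : malloc(need);
    if (buf == NULL)
        return -2;
    memcpy(buf, prefix, plen);
    memcpy(buf + plen, name, nlen + 1); /* copies the terminating NUL */
    int idx = find_name(buf);
    if (buf != small)
        free(buf);
    return idx;
}

int main(void) { return (find_prefixed_alloca(".rel", ".text") == 1 && find_prefixed_bounded(".rel", ".text") == 1) ? 0 : 1; }
```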