This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Policy: alloca vs. malloc?

From: Pedro Alves <palves at redhat dot com>
To: "Carlos O'Donell" <carlos_odonell at mentor dot com>
Cc: libc-alpha <libc-alpha at sourceware dot org>, Roland McGrath <roland at hack dot frob dot com>
Date: Fri, 08 Jun 2012 10:40:30 +0100
Subject: Re: Policy: alloca vs. malloc?
References: <4FD0E4DC.1000105@mentor.com>

On 06/07/2012 06:29 PM, Carlos O'Donell wrote:

>  * When growing a buffer, either on the stack or on the heap, watch out for integer overflow when calculating the new size. Such overflow should be treated as allocation failure than letting the integer wrap around.
> 
>  * If the size of the buffer is directly or indirectly under user control, consider imposing a maximum to help make denial-of-service attacks more difficult.


These appear to not really be "alloca vs malloc" material, but general guides that'd
better fit a different section.

-- 
Pedro Alves

Follow-Ups:
- Re: Policy: alloca vs. malloc?
  - From: Jeff Law

References:
- Policy: alloca vs. malloc?
  - From: Carlos O'Donell

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]