Re: [PATCH] netfilter: nfnetlink_cthelper: Remove VLA usage

From: Gustavo A. R. Silva
Date: Wed Mar 21 2018 - 09:51:41 EST

Next message: Christophe Leroy: "[PATCH 1/2] powerpc/time: inline arch_vtime_task_switch()"
Previous message: Doug Smythies: "RE: [RFT][PATCH v5 0/7] sched/cpuidle: Idle loop rework"
In reply to: Pablo Neira Ayuso: "Re: [PATCH] netfilter: nfnetlink_cthelper: Remove VLA usage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 03/20/2018 07:36 AM, Pablo Neira Ayuso wrote:

On Mon, Mar 12, 2018 at 07:21:38PM -0500, Gustavo A. R. Silva wrote:

In preparation to enabling -Wvla, remove VLA and replace it
with dynamic memory allocation.

From a security viewpoint, the use of Variable Length Arrays can be
a vector for stack overflow attacks. Also, in general, as the code
evolves it is easy to lose track of how big a VLA can get. Thus, we
can end up having segfaults that are hard to debug.

Also, fixed as part of the directive to remove all VLAs from
the kernel: https://lkml.org/lkml/2018/3/7/621

also applied, thanks.

Awesome.

Thanks, Pablo.
--
Gustavo

Next message: Christophe Leroy: "[PATCH 1/2] powerpc/time: inline arch_vtime_task_switch()"
Previous message: Doug Smythies: "RE: [RFT][PATCH v5 0/7] sched/cpuidle: Idle loop rework"
In reply to: Pablo Neira Ayuso: "Re: [PATCH] netfilter: nfnetlink_cthelper: Remove VLA usage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]