[vlc-devel] [PATCH 05/12] Replace variable-length arrays by calls to alloca() for C90 compliance.
Rémi Denis-Courmont
remi at remlab.net
Mon Dec 2 13:07:42 CET 2013
On Mon, 02 Dec 2013 12:59:36 +0100, Luca Barbato <lu_zero at gentoo.org>
wrote:
> On 29/11/13 17:41, Felix Abecassis wrote:
>> ---
>> src/audio_output/common.c | 2 +-
>> src/config/chain.c | 4 ++--
>> src/config/file.c | 2 +-
>> src/input/item.c | 2 +-
>> src/input/stream.c | 2 +-
>> src/input/subtitles.c | 8 ++++----
>> src/misc/http_auth.c | 4 ++--
>> src/misc/messages.c | 4 ++--
>> src/misc/picture_pool.c | 2 +-
>> src/network/httpd.c | 2 +-
>> src/network/tcp.c | 2 +-
>> src/playlist/art.c | 2 +-
>> src/playlist/loadsave.c | 2 +-
>> src/stream_output/sdp.c | 2 +-
>> src/test/xmlent.c | 2 +-
>> 15 files changed, 21 insertions(+), 21 deletions(-)
>
> What about removing VLA (and alikes such alloca) completely, thus making
> libvlc a little more robust in the process?
If we still have VLA whose size comes from an untrusted source and lacks a
(reasonably small) upper bound, then it definitely needs rewriting. Also if
the size is variable but there is an obvious small upper bound on it, then
a fixed size table can do.
But that is not a full dichotomy, so it probably won't work around the
MSVC bug.
--
Rémi Denis-Courmont
Sent from my collocated server
More information about the vlc-devel
mailing list