This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH] vfprintf: validate nargs and positional offsets
On Fri, 3 Feb 2012, Kees Cook wrote:
> - Hybrid: use calloc/malloc when more than a page worth of memory would
> be needed, otherwise just stick with alloca. This would mean that only
> format strings with more than 204 (on 32-bit, or 102 on 64-bit) would
> need to hit the heap.
__libc_use_alloca is the standard test for doing this sort of thing; it
should be used in any case where an alloca allocation might otherwise have
unbounded size but you don't want to use malloc unconditionally, unless
there is a good reason to do otherwise.
--
Joseph S. Myers
joseph@codesourcery.com