[gnutls-devel] GnuTLS | Reconsidering use of VLAs and alloca() (#684)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Thu Jan 24 12:25:26 CET 2019

New Issue was created.

Issue 684: https://gitlab.com/gnutls/gnutls/issues/684
Author:    Tim Rühsen

Variable Length Arrays (VLAs) and alloca() are sometimes a very fast alternative to malloc() and are also very handy because a free() or cleanup is not needed.

But VLAs and alloca() easily introduce security issues. Their use in code needs thorough care and manual review, basically with every code change that uses them directly or indirectly. It is a common vulnerability pattern that attackers gain control over the size of those stack allocations, enabling stack overflows, remote code execution, denial-of-service, and the like. Current prominent example is https://www.openwall.com/lists/oss-security/2019/01/09/3.

As a security-related software project, we should not ignore such concerns. Not in the library code nor in the tools.

IMO we should disallow VLAs and alloca() in our code, replace them appropriately and add an automatic check on MRs via the Gitlab CI.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/684
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190124/926831e2/attachment.html>

More information about the Gnutls-devel mailing list