[gnutls-devel] GnuTLS | Reconsidering use of VLAs and alloca() (#684)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Wed Jan 30 11:19:24 CET 2019

Another reason to use malloc()/heap instead of VLA/stack  is that sanitizers/fuzzing have difficulties to detect buffer overflows on the stack. Mainly because local variables are put together as one single block of stack memory.

Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/issues/684#note_136465853
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190130/34f51d94/attachment.html>

More information about the Gnutls-devel mailing list