Bug 86970 - adcli: avoid alloca in _adcli_ldap_have_in_mod
Summary: adcli: avoid alloca in _adcli_ldap_have_in_mod
Status: RESOLVED FIXED
Alias: None
Product: realmd
Classification: Unclassified
Component: adcli (show other bugs)
Version: unspecified
Hardware: Other All
: medium normal
Assignee: Stef Walter
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-12-03 12:37 UTC by Florian Weimer
Modified: 2015-12-07 07:30 UTC (History)
2 users (show)

See Also:
i915 platform:
i915 features:


Attachments
Replace alloca() by malloc() for arrays (1.37 KB, patch)
2015-12-02 17:15 UTC, Sumit Bose
Details | Splinter Review

Description Florian Weimer 2014-12-03 12:37:35 UTC
In library/adldap.c:_adcli_ldap_have_in_mod(), there are two alloca calls:

	vals = alloca (sizeof (struct berval) * (count + 1));
	pvals = alloca (sizeof (struct berval *) * (count + 1));

Array allocation with alloca is problematic because that can lead to stack overflows.  In this particular case, it seems to be harmless because count is always 1 (if I traced the callers correctly), but it still serves as a bad example.
Comment 1 Sumit Bose 2015-12-02 17:15:10 UTC
Created attachment 120279 [details] [review]
Replace alloca() by malloc() for arrays

Please consider the attached patch as a fix for the ticket.
Comment 2 Stef Walter 2015-12-07 07:30:34 UTC
Attachment 120279 [details] pushed as a69a898 - Replace alloca() by malloc() for arrays

Looks good. Merged with a couple whitespace fixes. Function names should
be followed by a space.


Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.