[PATCH 0/3] ui: avoid dynamic stack allocations

Peter Maydell posted 3 patches 9 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20230818151057.1541189-1-peter.maydell@linaro.org
Maintainers: Gerd Hoffmann <kraxel@redhat.com>, "Marc-André Lureau" <marcandre.lureau@redhat.com>
Posted by Peter Maydell 9 months ago
The codebase has very few VLAs, and if we can get rid of them all we
can make the compiler error on new additions.  This is a defensive
measure against security bugs where an on-stack dynamic allocation
isn't correctly size-checked (e.g.  CVE-2021-3527).

This patchset fixes some places in the spice and vnc UI frontends
that were doing on-stack allocations. For the vnc-enc-hextile
case we can make the array fixed size; for the other two places
we switch to a heap allocation.

Disclaimer: tested only with compile + make check, which doesn't
actually exercise the UI frontends.

thanks
-- PMM

Peter Maydell (2):
  ui/spice-display: Avoid dynamic stack allocation
  ui/vnc-enc-hextile: Use static rather than dynamic length stack array

Philippe Mathieu-Daudé (1):
  ui/vnc-enc-tight: Avoid dynamic stack allocation

 ui/vnc-enc-hextile-template.h |  8 +++++++-
 ui/spice-display.c            |  3 ++-
 ui/vnc-enc-tight.c            | 11 ++++++-----
 3 files changed, 15 insertions(+), 7 deletions(-)

-- 
2.34.1
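The cover letter's point, in code: a variable-length array sized by an untrusted length is a stack overflow waiting for a missing bounds check, and the two fixes the series uses (a fixed-size array with a checked bound, or a heap allocation) remove the hazard. The following is an added illustration written for this page, not code from QEMU or from the patches; `handle_vla`, `handle_fixed`, `handle_heap`, `byte_sum` and `MAX_PAYLOAD` are hypothetical names, and the payload/length model is constructed.

```c
/* Added illustration of the VLA hazard described in the cover letter.
 * Constructed for this page; not QEMU code. All names are hypothetical. */
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define MAX_PAYLOAD 64  /* hypothetical protocol maximum for this example */

/* Toy payload digest so each handler returns something checkable. */
static uint32_t byte_sum(const uint8_t *buf, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i < len; i++) {
        sum += buf[i];
    }
    return sum;
}

#ifdef DEMO_VLA
/* Before: len comes from the peer and sizes a VLA with no check. A large len
 * moves the stack pointer far below the guard page and the memcpy writes
 * wherever that lands. Building with -DDEMO_VLA -Wvla -Werror=vla makes the
 * compiler reject this function at the declaration of buf, which is the
 * "error on new additions" the series is working towards. */
uint32_t handle_vla(const uint8_t *payload, size_t len)
{
    uint8_t buf[len];           /* VLA: rejected by -Werror=vla */
    memcpy(buf, payload, len);
    return byte_sum(buf, len);
}
#endif

/* After, option 1 (as in the vnc-enc-hextile patch): a fixed-size array whose
 * bound is a compile-time constant, with the untrusted length checked first. */
bool handle_fixed(const uint8_t *payload, size_t len, uint32_t *out)
{
    uint8_t buf[MAX_PAYLOAD];

    if (len > sizeof(buf)) {
        return false;           /* reject rather than overflow */
    }
    memcpy(buf, payload, len);
    *out = byte_sum(buf, len);
    return true;
}

/* After, option 2 (as in the spice-display and vnc-enc-tight patches): a heap
 * allocation. The length is still validated against a caller-supplied limit,
 * and allocation failure is an error return rather than a crash. */
bool handle_heap(const uint8_t *payload, size_t len, size_t limit, uint32_t *out)
{
    if (len > limit) {
        return false;
    }
    uint8_t *buf = malloc(len ? len : 1);  /* avoid malloc(0) portability trap */
    if (!buf) {
        return false;
    }
    memcpy(buf, payload, len);
    *out = byte_sum(buf, len);
    free(buf);
    return true;
}
```

Without `-DDEMO_VLA` the file builds cleanly under `cc -std=c11 -Wvla -Werror=vla`; with it, GCC and Clang both stop at the `uint8_t buf[len]` line. That flag is the enforcement mechanism the cover letter alludes to: once the last VLA is gone, `-Werror=vla` turns any new one into a build failure instead of a latent overflow.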