The codebase has very few VLAs, and if we can get rid of them all we
can make the compiler error on new additions. This is a defensive
measure against security bugs where an on-stack dynamic allocation
isn't correctly size-checked (e.g. CVE-2021-3527).

This patchset fixes some places in the spice and vnc UI frontends
that were doing on-stack allocations. For the vnc-enc-hextile
case we can make the array fixed size; for the other two places
we switch to a heap allocation.

Disclaimer: tested only with compile + make check, which doesn't
actually exercise the UI frontends.

thanks
-- PMM

Peter Maydell (2):
  ui/spice-display: Avoid dynamic stack allocation
  ui/vnc-enc-hextile: Use static rather than dynamic length stack array

Philippe Mathieu-Daudé (1):
  ui/vnc-enc-tight: Avoid dynamic stack allocation

 ui/vnc-enc-hextile-template.h |  8 +++++++-
 ui/spice-display.c            |  3 ++-
 ui/vnc-enc-tight.c            | 11 ++++++-----
 3 files changed, 15 insertions(+), 7 deletions(-)
--
2.34.1
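
Added example, not part of the original message and not QEMU code: the two replacement patterns the cover letter names (a fixed-size array where the bound is known, a heap allocation otherwise) shown beside the unchecked VLA they replace. All function names, TILE_MAX and the sample data are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helpers, not QEMU code. Compile with -Wvla to flag
 * sum_tile_vla(); -Werror=vla turns any new VLA into a build failure. */
#define TILE_MAX 16 /* constructed upper bound on tile width and height */

/* Before: the stack array is sized from caller-supplied values with no
 * check, so a large w * h overruns the stack. */
uint32_t sum_tile_vla(const uint8_t *src, size_t w, size_t h)
{
    uint8_t buf[w * h];
    uint32_t sum = 0;
    memcpy(buf, src, w * h);
    for (size_t i = 0; i < w * h; i++) sum += buf[i];
    return sum;
}

/* After, known small bound: fixed-size array plus an explicit range check. */
int sum_tile_fixed(const uint8_t *src, size_t w, size_t h, uint32_t *out)
{
    uint8_t buf[TILE_MAX * TILE_MAX];
    uint32_t sum = 0;
    if (w == 0 || h == 0 || w > TILE_MAX || h > TILE_MAX) return -1;
    memcpy(buf, src, w * h);
    for (size_t i = 0; i < w * h; i++) sum += buf[i];
    *out = sum;
    return 0;
}

/* After, no small bound: heap allocation with a checked element count. */
int sum_rects_heap(const uint32_t *src, size_t count, uint64_t *out)
{
    uint64_t sum = 0;
    uint32_t *buf;
    if (count == 0 || count > SIZE_MAX / sizeof(*buf)) return -1;
    buf = calloc(count, sizeof(*buf));
    if (buf == NULL) return -1; /* failure is reportable, unlike a stack overrun */
    memcpy(buf, src, count * sizeof(*buf));
    for (size_t i = 0; i < count; i++) sum += buf[i];
    free(buf);
    *out = sum;
    return 0;
}
```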