varnishcache
build: enable -Wvla
Enable -Wvla by default, if supported by the compiler, to warn about Variable Length Arrays (VLA). Misuse of VLAs can result in a stack overflow.
VLA can sometimes simplify things, so allow its use only if explicitly marked through a new v_vla_(type, name, count) macro.
I am 👎🏽 because the suggested macro significantly decreases readability and I do not see any value in introducing a boilerplate which will just be applied wholesale. We need to think about VLAs and know what we are doing, and I do not see how this proposal makes this any easier or safer.
Not sure if this is a good idea, but we could maybe have something like
#define ASSERT_VLA(x) assert(sizeof x < 1<<14))
reasoning: outside pcre, we should "always" have 32k stack free, so we could maybe trigger early to safeguard against stack overflow attacks.
I am 👎🏽 because the suggested macro significantly decreases readability and I do not see any value in introducing a boilerplate which will just be applied wholesale.
To be fair, this will trigger on future variable-length arrays and force us to think twice when we introduce some.
Also, this very pull request would actually be the occasion for us to review the legitimacy of existing instances, if anything.
Just for completeness, the macro ended up looking like this piece of code: https://github.com/jemalloc/jemalloc/blob/dev/include/jemalloc/internal/jemalloc_internal_types.h#L126-L142
I did not bother to add support for pre C99, maybe this should be done as well? I understand the point about "significantly decreases readability", but that was partly intended to discourage use of them :)
but that was partly intended to discourage use of them :)
<sarcasm>yeah, bring back alloca()!</sarcasm>