 
                            ...
| Code Block | 
|---|
| char vla[s]; | 
| Wiki Markup | 
|---|
| ThisWhere the integer {{s}} and the declaration isare both evaluated at runtime. If a size argument supplied to VLAs is not a positive integer value of reasonable size, then the program may behave in an unexpected way. An attacker may be able to leverage this behavior to overwrite critical program data \[[Griffiths 06|AA. C References#Griffiths 06]\]. The programmer must ensure that size arguments to VLAs are valid and have not been corrupted as the result of an exceptional integer condition. | 
...