Comment: In "Automated Detection," is "STACK_USE" supposed to be bolded? Also, the van Sprundel 06 reference does not appear in the reference list, but links directly to source. I would fix this and add the reference, but the link appears to be broken or incorrect. Ed.

...

Non-Compliant Code Example

C99 [ISO/IEC 9899-1999] includes support for variable-length arrays (VLAs). If the array length is derived from an untrusted data source, an attacker could cause the process to perform an excessive allocation on the stack.

This noncompliant code example temporarily stores data read from a source file in a buffer. The buffer is allocated on the stack as a variable-length array of bufsize elements. If bufsize can be controlled by a malicious user, a large value exhausts the stack and crashes the process, so this code can be exploited for a denial-of-service attack.

...

This compliant solution replaces the variable-length array with a call to malloc(). Because malloc() returns a null pointer when it cannot satisfy the request, the return value can be checked and the failure handled, instead of letting the program terminate abnormally.

...
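The following is an added example written for this page; it is not the CERT code elided above. It places the VLA pattern next to the heap-allocated replacement so the two can be compared side by side. Note that moving the buffer to the heap does not by itself bound the allocation: the compliant routine also rejects sizes outside an accepted range before calling malloc(), so an attacker cannot request an arbitrarily large heap block either. The upper bound MAX_BUFSIZE, the function names and the sample input are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Largest buffer this program is willing to allocate. The value is an
 * assumption for this example; derive it from what the program really needs. */
#define MAX_BUFSIZE (64u * 1024u)

typedef long (*copy_fn)(FILE *src, FILE *dst, size_t bufsize);

/* Noncompliant pattern (kept for contrast): the stack buffer is exactly as
 * large as bufsize says. A large, attacker-chosen bufsize exhausts the stack
 * and crashes the process. Only ever called here with small, fixed sizes. */
long copy_with_vla(FILE *src, FILE *dst, size_t bufsize) {
    char buf[bufsize];           /* VLA sized by untrusted data */
    long total = 0;
    size_t n;
    while ((n = fread(buf, 1, bufsize, src)) > 0) {
        if (fwrite(buf, 1, n, dst) != n) {
            return -1;
        }
        total += (long)n;
    }
    return total;
}

/* Compliant pattern: reject out-of-range sizes, allocate on the heap, and
 * treat a NULL from malloc() as an error instead of dereferencing it.
 * Returns bytes copied, or -1 on a bad size, allocation failure or I/O error. */
long copy_with_malloc(FILE *src, FILE *dst, size_t bufsize) {
    if (bufsize == 0 || bufsize > MAX_BUFSIZE) {
        return -1;               /* untrusted size outside the accepted range */
    }
    char *buf = malloc(bufsize);
    if (buf == NULL) {
        return -1;               /* allocation failure is reported, not fatal */
    }
    long total = 0;
    size_t n;
    while ((n = fread(buf, 1, bufsize, src)) > 0) {
        if (fwrite(buf, 1, n, dst) != n) {
            free(buf);
            return -1;
        }
        total += (long)n;
    }
    free(buf);
    return total;
}

/* Constructed sample "source file" contents for the demonstration. */
static const char SAMPLE[] =
    "constructed sample data: this stands in for the source file\n";

/* Runs one copy routine over SAMPLE via temporary files and verifies that the
 * destination holds exactly SAMPLE. Returns the routine's result, or -2 if
 * the copied bytes do not match the input. */
long demo_copy(copy_fn copy, size_t bufsize) {
    FILE *src = tmpfile();
    FILE *dst = tmpfile();
    if (src == NULL || dst == NULL) {
        if (src) fclose(src);
        if (dst) fclose(dst);
        return -1;
    }
    fputs(SAMPLE, src);
    rewind(src);                 /* flushes the write and repositions for reading */
    long result = copy(src, dst, bufsize);
    if (result >= 0) {
        char check[sizeof SAMPLE];
        rewind(dst);
        size_t got = fread(check, 1, sizeof SAMPLE - 1, dst);
        if (got != sizeof SAMPLE - 1 || memcmp(check, SAMPLE, got) != 0) {
            result = -2;
        }
    }
    fclose(src);
    fclose(dst);
    return result;
}

int main(void) {
    printf("VLA, 16-byte buffer:        %ld\n", demo_copy(copy_with_vla, 16));
    printf("malloc, 16-byte buffer:     %ld\n", demo_copy(copy_with_malloc, 16));
    printf("malloc, oversized request:  %ld\n",
           demo_copy(copy_with_malloc, (size_t)MAX_BUFSIZE + 1));
    return 0;
}
```

Both routines copy identical bytes for a small, fixed bufsize; the difference is what happens when bufsize comes from the attacker. The VLA version has no place to say no, while copy_with_malloc() refuses the request before any memory is touched and survives an allocation failure.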