Variable length arrays (VLA) are basically the same as traditional C arrays save they are declared with a size that is not a constant integer expression and is evaluated at run time. A variable length array can be declared as follows:
char vla[s];
Where s specifies the size of array vla. If a size parameter supplied to VLAs is not a positive integer value of reasonable size, then the program may behave in an unexpected way. An attacker may be able to leverage this behavior to overwrite critical program data (Feline 1). The programmer must ensure that size arguments to VLAs are valid and have not been corrupted as the result of an exceptional integer condition.