Re: VLA and alloca

From: Bruno Haible
Subject: Re: VLA and alloca
Date: Sun, 20 Jan 2019 11:19:06 +0100
User-agent: KMail/5.1.3 (Linux/4.4.0-141-generic; KDE/5.18.0; x86_64; ; )


Pádraig Brady wrote:
> I've pushed this with some comments at the current single GNULIB_NO_VLA usage.

How about making use of this GNULIB_NO_VLA macro in all places that assume
VLA syntax? I'm proposing this patch:

2019-01-20  Bruno Haible  <address@hidden>

        vla: Consider GNULIB_NO_VLA.
        * lib/vla.h (VLA_ELEMS): Define to empty if GNULIB_NO_VLA is defined.

diff --git a/lib/vla.h b/lib/vla.h
index f6ebba0..fa5f39a 100644
--- a/lib/vla.h
+++ b/lib/vla.h
@@ -17,10 +17,21 @@
    Written by Paul Eggert.  */
-/* A function's argument must point to an array with at least N elements.
+/* GNULIB_NO_VLA can be defined to disable use of VLAs even if supported.
+   This relates to the -Wvla and -Wvla-larger-than warnings, enabled in
+   the default GCC many warnings set.  This allows programs to disable use
+   of VLAs, which may be unintended, or may be awkward to support portably,
+   or may have security implications due to non-deterministic stack usage.  */
+/* Types and variables which are variable-length arrays can be used without
+   particular macros.  */
+/* VLA_ELEMS is a helper macro used for declaring a function parameter that
+   is a variable-length array.
+   A function's argument must point to an array with at least N elements.
    Example: 'int main (int argc, char *argv[VLA_ELEMS (argc)]);'.  */
-#ifdef __STDC_NO_VLA__
+#if defined __STDC_NO_VLA__ || defined GNULIB_NO_VLA
 # define VLA_ELEMS(n)
 # define VLA_ELEMS(n) static n
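Review bot: The new comment says GNULIB_NO_VLA "can be defined to disable use of VLAs", but in the visible lines the macro's only effect in this header is on VLA_ELEMS, through `#if defined __STDC_NO_VLA__ || defined GNULIB_NO_VLA`. The following sentence, "Types and variables which are variable-length arrays can be used without particular macros", does not say that such declarations are untouched by GNULIB_NO_VLA, so a reader could assume that defining the macro is enough to remove the non-deterministic stack usage the first paragraph warns about. Suggest stating that here the macro only drops the `static n` parameter syntax, and that local VLA types and variables still have to be guarded by the caller or caught with -Wvla. As a wording point, "the default GCC many warnings set" is hard to parse; naming the warning set precisely would help.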

