diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2024-02-21 17:26:36 +0100 |
|---|---|---|
| committer | Thomas Huth <thuth@redhat.com> | 2024-02-23 08:13:52 +0100 |
| commit | 64c1a5443528ac09d8cd50f365d6a2fb8375b90c (patch) | |
| tree | ac800ad290177efbf94fa43c496b5d23be8cf917 /meson.build | |
| parent | 97c2fc5076be1fb37e7af5287289c3ee023faabd (diff) | |
| download | qemu-64c1a5443528ac09d8cd50f365d6a2fb8375b90c.zip qemu-64c1a5443528ac09d8cd50f365d6a2fb8375b90c.tar.gz qemu-64c1a5443528ac09d8cd50f365d6a2fb8375b90c.tar.bz2 | |
meson: Enable -Wvla
QEMU has historically used variable length arrays only very rarely.
Variable length arrays are a potential security issue where an
on-stack dynamic allocation isn't correctly size-checked, especially
when the size comes from the guest. (An example problem of this kind
from the past is CVE-2021-3527). Forbidding them entirely is a
defensive measure against further bugs of this kind.
Enable -Wvla to prevent any new uses from sneaking into the codebase.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20240125173211.1786196-3-peter.maydell@linaro.org>
[thuth: rebased to current master branch]
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20240221162636.173136-4-thuth@redhat.com>
Signed-off-by: Thomas Huth <thuth@redhat.com>
Diffstat (limited to 'meson.build')
| -rw-r--r-- | meson.build | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meson.build b/meson.build index c1dc83e..0ef1654 100644 --- a/meson.build +++ b/meson.build @@ -592,6 +592,7 @@ warn_flags = [ '-Wstrict-prototypes', '-Wtype-limits', '-Wundef', + '-Wvla', '-Wwrite-strings', # Then disable some undesirable warnings |