Now that we converted all variable-length allocations in the repository, add the -Wvla CPPFLAG to trigger a build failure if such an allocation is used.
This should help avoid vulnerabilities such as CVE-2021-3527 (see commit range 3f67e2e7f13..05a40b172e4).

Inspired-by: Gerd Hoffmann <kra...@redhat.com>
Signed-off-by: Philippe Mathieu-Daudé <phi...@redhat.com>
--- configure | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configure b/configure index 4f374b48890..a78ff15b52f 100755 --- a/configure +++ b/configure @@ -552,7 +552,7 @@ ARFLAGS="${ARFLAGS-rv}" # provides these semantics.) QEMU_CFLAGS="-fno-strict-aliasing -fno-common -fwrapv $QEMU_CFLAGS" QEMU_CFLAGS="-Wundef -Wwrite-strings -Wmissing-prototypes $QEMU_CFLAGS" -QEMU_CFLAGS="-Wstrict-prototypes -Wredundant-decls $QEMU_CFLAGS" +QEMU_CFLAGS="-Wstrict-prototypes -Wredundant-decls -Wvla $QEMU_CFLAGS" QEMU_CFLAGS="-D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE $QEMU_CFLAGS" # Flags that are needed during configure but later taken care of by Meson -- 2.26.3
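Review bot: On the added line `+QEMU_CFLAGS="-Wstrict-prototypes -Wredundant-decls -Wvla $QEMU_CFLAGS"`, `-Wvla` only emits a warning, so the build failure promised in the commit message happens only when warnings are promoted to errors, and nothing in this hunk does that. If a variable-length array must stop the build in every configuration, use `-Werror=vla` here. Otherwise, reword the message to say the flag warns and that the failure depends on -Werror being in effect. The message also calls this a CPPFLAG, but the flag goes into QEMU_CFLAGS and is a compiler warning option, not a preprocessor flag, so the description should say CFLAGS. Finally, a one-line comment above the assignment explaining why VLAs are rejected (guest-controlled sizes reaching a stack allocation, as in the CVE the message cites) would help keep the flag from being dropped in a later cleanup.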