What can we learn from the recently disclosed vulnerabilities in systemd?

I'm not a security expert, nor have I understood all the details. But there's one thing that really stands out:

> ... Surprised by the heavy usage of alloca() in journald, ...

Heavy usage of `alloca()`? Let's have a look at the manpage:

> DESCRIPTION
> The alloca() function allocates size bytes of space in the
> stack frame of the caller. This temporary space is automati‐
> cally freed when the function that called alloca() returns to
> its caller.
>
> RETURN VALUE
> The alloca() function returns a pointer to the beginning of the
> allocated space. If the allocation causes stack overflow, pro‐
> gram behavior is undefined.
> ...
>
> NOTES
> The alloca() function is machine- and compiler-dependent. For
> certain applications, its use can improve efficiency compared
> to the use of malloc(3) plus free(3). In certain cases, it can
> also simplify memory deallocation in applications that use
> longjmp(3) or siglongjmp(3). Otherwise, its use is discour‐
> aged.

`alloca()` never returns an error. If it fails, then it fails, and you're screwed. The manpage explicitly discourages using it.

Okay then. Never use `alloca()`, if you ask me.
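To make the manpage's point concrete, here is an added example (not code from systemd or from this post) that puts the discouraged pattern next to a bounded heap version that can actually report failure. The function names, the hashing task and the `FIELD_MAX` cap are assumptions chosen for illustration.

```c
#include <alloca.h>
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FIELD_MAX (64u * 1024u) /* assumed cap for this example, not from the page */

/* Case-insensitive djb2 hash of a NUL-terminated scratch copy. */
static unsigned hash_upper(char *s)
{
    unsigned h = 5381;
    for (; *s; s++)
        h = h * 33u + (unsigned)toupper((unsigned char)*s);
    return h;
}

/* Discouraged pattern: len comes from input and alloca() has no error path. */
int field_hash_alloca(const char *data, size_t len, unsigned *out)
{
    char *copy = alloca(len + 1); /* undefined behaviour if this exceeds the stack */
    memcpy(copy, data, len);
    copy[len] = '\0';
    *out = hash_upper(copy);
    return 0;
}

/* Bounded heap version: oversized input and allocation failure are both reported. */
int field_hash_heap(const char *data, size_t len, unsigned *out)
{
    if (len > FIELD_MAX)
        return -E2BIG; /* also keeps len + 1 from wrapping */
    char *copy = malloc(len + 1);
    if (!copy)
        return -ENOMEM;
    memcpy(copy, data, len);
    copy[len] = '\0';
    *out = hash_upper(copy);
    free(copy);
    return 0;
}

int main(void)
{
    unsigned h = 0;
    printf("ok=%d ", field_hash_heap("MESSAGE=hello", 13, &h));
    printf("oversized=%d\n", field_hash_heap("x", (size_t)FIELD_MAX + 1, &h));
    return 0;
}
```

The heap version checks the length before touching the data, so an oversized request is rejected without allocating or copying anything.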