On Mon, Aug 20, 2018 at 2:55 PM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
> Thomas Munro <thomas.munro@enterprisedb.com> writes:
> As previously noted, that seems like a nice thing to allow ...
>
>> + pgssPlan *planArray[numPlans];
>> Can't use variable length arrays in C89.
>
> ... but I'm less excited about this one. Seems like a great opportunity
> for unexpected stack overflows, and thence at least the chance for
> DOS-causing security attacks. Can we prevent that from being allowed,
> if we start using -std=c99?
-Werror=vla in GCC, apparently.
Another problem with VLAs is that they aren't in C++ and last I heard
they aren't ever likely to be (at least not with that syntax). I'd rather not
introduce obstacles on that path.
--
Thomas Munro
http://www.enterprisedb.com