authorPaul Eggert <eggert@cs.ucla.edu>2019-02-25 08:26:49 -0800
committerPaul Eggert <eggert@cs.ucla.edu>2019-02-25 08:27:40 -0800
commit0d49078ad80f54b810180a071e2b6b4bcc024851 (patch)
tree44be6830a600b9802c4b6a08acbde97480624c50 /lib/vla.h
parentcedc3410d4feab7b4beeef3eab474fbabad4035c (diff)
Update from Gnulib
This incorporates: 2019-02-24 nstrftime: support the ‘+’ flag 2019-02-24 stat, lstat: fix conflict with relocatable-prog-wrapper 2019-02-23 nstrftime: tweak arg order 2019-02-21 nstrftime: merge glibc strftime changes 2019-02-02 vla: add commentary about VLA_ELEMS * build-aux/config.guess, doc/misc/texinfo.tex, lib/fstatat.c: * lib/lstat.c, lib/nstrftime.c, lib/vla.h: Copy from Gnulib.
Diffstat (limited to 'lib/vla.h')
-rw-r--r--lib/vla.h26
1 files changed, 26 insertions, 0 deletions
diff --git a/lib/vla.h b/lib/vla.h
index f6ebba0ede3..8f5dea76f61 100644
--- a/lib/vla.h
+++ b/lib/vla.h
@@ -17,6 +17,20 @@
Written by Paul Eggert. */
+/* The VLA_ELEMS macro does not allocate variable-length arrays (VLAs),
+ so it does not have the security or performance issues commonly
+ associated with VLAs. VLA_ELEMS is for exploiting a C11 feature
+ where a function can start like this:
+
+ double scan_array (int n, double v[static n])
+
+ to require a caller to pass a vector V with at least N elements;
+ this allows better static checking and performance in some cases.
+ In C11 this feature means that V is a VLA, so the feature is
+ supported only if __STDC_NO_VLA__ is defined, and for compatibility
+ to platforms that do not support VLAs, VLA_ELEMS (n) expands to
+ nothing when __STDC_NO_VLA__ is not defined. */
+
/* A function's argument must point to an array with at least N elements.
Example: 'int main (int argc, char *argv[VLA_ELEMS (argc)]);'. */
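Review bot: The last sentence of the added comment states the `__STDC_NO_VLA__` polarity backwards: C11 defines that macro when the implementation does not support VLAs, so `v[static n]` is usable only when it is not defined. The `#else` branch visible in the later hunk defines `VLA_ELEMS(n)` as `static n`, which suggests the empty expansion belongs to the defined case, although the `#if` line itself is outside both hunks. Suggested wording: `supported only if __STDC_NO_VLA__ is not defined` and `VLA_ELEMS (n) expands to nothing when __STDC_NO_VLA__ is defined`.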
@@ -25,3 +39,15 @@
#else
# define VLA_ELEMS(n) static n
#endif
+
+/* Although C99 requires support for variable-length arrays (VLAs),
+ some C compilers never supported VLAs and VLAs are optional in C11.
+ VLAs are controversial because their allocation may be unintended
+ or awkward to support, and large VLAs might cause security or
+ performance problems. GCC can diagnose the use of VLAs via the
+ -Wvla and -Wvla-larger-than warnings options, and defining the
+ macro GNULIB_NO_VLA disables the allocation of VLAs in Gnulib code.
+
+ The VLA_ELEMS macro is unaffected by GNULIB_NO_VLA, since it does
+ not allocate VLAs. Programs that use VLA_ELEMS should be compiled
+ with 'gcc -Wvla-larger-than' instead of with 'gcc -Wvla'. */
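Review bot: The closing advice to compile with `gcc -Wvla-larger-than` instead of `gcc -Wvla` names the option without the byte limit it takes (`-Wvla-larger-than=byte-size` in the GCC manual), so a reader cannot tell what bound to use. The comment should also say that this check relies on GCC's value-range analysis and is typically effective only with optimization enabled, so a project that drops `-Wvla` loses the unconditional diagnostic for stack-allocated VLAs in unoptimized builds. A possible addition: `(-Wvla-larger-than=N needs a byte limit N and is mainly effective at -O2 and above)`. The `#if` that opens the conditional around `VLA_ELEMS` is above this hunk.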