From dccee408262262ab9a63403141b74a0d937284bc Mon Sep 17 00:00:00 2001 From: Maria Matejka Date: Fri, 16 Aug 2019 12:47:13 +0200 Subject: [PATCH] OSPF: variable-length array of size 0 replaced by alloca()'d pointer NULL pointer is safer than a random pointer onto stack if this function gets changed and eventually broken. --- proto/ospf/ospf.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/proto/ospf/ospf.c b/proto/ospf/ospf.c index 29610f4a..3cb40283 100644 --- a/proto/ospf/ospf.c +++ b/proto/ospf/ospf.c @@ -1244,7 +1244,7 @@ ospf_sh_state(struct proto *P, int verbose, int reachable) uint num = p->gr->hash_entries; struct top_hash_entry *hea[num]; - struct top_hash_entry *hex[verbose ? num : 0]; + struct top_hash_entry **hex = verbose ? alloca(num * sizeof(struct top_hash_entry *)) : NULL; struct top_hash_entry *he; struct top_hash_entry *cnode = NULL; @@ -1289,7 +1289,9 @@ ospf_sh_state(struct proto *P, int verbose, int reachable) lsa_compare_ospf3 = !ospf2; qsort(hea, j1, sizeof(struct top_hash_entry *), lsa_compare_for_state); - qsort(hex, jx, sizeof(struct top_hash_entry *), ext_compare_for_state); + + if (verbose) + qsort(hex, jx, sizeof(struct top_hash_entry *), ext_compare_for_state); /* * This code is a bit tricky, we have a primary LSAs (router and