Remove all uses of alloca() from this module. The alloca() return value
isn't checked, and it *is* possible that a very large alloca() call is
made, e.g. when a large registry value is being read. I don't know if
alloca() in that case returns NULL or returns a pointer pointing outside
the stack, and I don't want to know -- I've simply replaced all calls to
alloca() with either PyMem_Malloc() or PyString_FromStringAndSize(NULL,)
as appropriate, followed by a size check. This addresses SF buf 851056.
Will backport to 2.3 next.
1 file changed