...
Where s specifies the size of array vla and is evaluated at run time. If a size parameter supplied to VLAs is not a positive integer value of reasonable size, then the program may behave in an unexpected way. An attacker may be able to leverage this behavior to overwrite critical program data (Feline 1). The programmer must ensure that size arguments to VLAse VLAs are valid and have not been corrupted as the result of an exceptional integer condition.