...
Where s
specifies the size of array vla
and is evaluated at run time. If a size parameter supplied to VLAs is not a positve positive integer value of reasonable size, then the program may behave in an unexpected way. An attacker may be able to leverage this behavior to overwrite critical program data (Feline 1). The programmer must ensure that size arguments to VLAse valid and have not been corrupted as the result of an exceptional integer condition.