https://gcc.gnu.org/bugzilla/show_bug.cgi?id=110848
Bug ID: 110848
Summary: Consider enabling -Wvla by default in C++ modes
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: c++
Assignee: unassigned at gcc dot gnu.org
Reporter: aaron at aaronballman dot com
Target Milestone: ---
VLAs as they're expressed in C have been considered by WG21 and rejected, are
easy to use accidentally to the surprise of users (e.g.,
https://ddanilov.me/default-non-standard-features/), and they have potential
security implications beyond constant-size arrays
(https://wiki.sei.cmu.edu/confluence/display/c/ARR32-C.+Ensure+size+arguments+for+variable+length+arrays+are+in+a+valid+range).
As a result, I've been exploring enabling this diagnostic by default in Clang
in both C++ and GNU++ modes. The in-progress patch discussion can be found at
https://reviews.llvm.org/D156565. However, we like to keep our diagnostic
behaviors in sync with GCC when possible, so I'm wondering if GCC would also
consider such a change.
