Hi Patricia, I am not a programmer, but looking at the screen when building AOO I see a lot of messages that make me think that the code could need a review...
Your suggestion sounds very reasonable to me! Kind regards, Matthias Am 17.06.2017 um 19:52 schrieb Patricia Shanahan: > Without going into details here, some recently fixed security issues > have related to the use of fixed size arrays without bounds checks. > > In general, that is not a very robust programming practice. It depends > on careful checking in the source code to prevent array overflow. > > I suggest a project to replace raw arrays with Standard Template Library > classes as appropriate. All accesses should be through safe functions > such as std::array::at. In some cases we could replace a limited size > but large array with e.g. a std::vector that can start small and grow > only as needed. > > This matches nicely with my observations of volunteers. We are not > getting many people with the skills and experience to dive into a > very large body of code and debug it. We are getting students and > early career programmers who could work on something like this. It > might also be a viable Google Summer of Code project. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org > For additional commands, e-mail: dev-h...@openoffice.apache.org >
smime.p7s
Description: S/MIME Cryptographic Signature