On 06/17/2017 01:52 PM, Patricia Shanahan wrote:
Without going into details here, some recently fixed security issues
have related to the use of fixed size arrays without bounds checks.
In general, that is not a very robust programming practice. It depends
on careful checking in the source code to prevent array overflow.
I suggest a project to replace raw arrays with Standard Template Library
classes as appropriate. All accesses should be through safe functions
such as std::array::at. In some cases we could replace a limited size
but large array with e.g. a std::vector that can start small and grow
only as needed.
This matches nicely with my observations of volunteers. We are not
getting many people with the skills and experience to dive into a
very large body of code and debug it. We are getting students and
early career programmers who could work on something like this. It
might also be a viable Google Summer of Code project.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org
That sounds like a good idea.
Do you think the calls may be common enough to find with a search to get
a list of files to look in?
Thanks,
Carl
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org
