openoffice-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patricia Shanahan <p...@acm.org>
Subject A refactoring proposal
Date Sat, 17 Jun 2017 17:52:21 GMT
Without going into details here, some recently fixed security issues
have related to the use of fixed size arrays without bounds checks.

In general, that is not a very robust programming practice. It depends
on careful checking in the source code to prevent array overflow.

I suggest a project to replace raw arrays with Standard Template Library
classes as appropriate. All accesses should be through safe functions
such as std::array::at. In some cases we could replace a limited size
but large array with e.g. a std::vector that can start small and grow
only as needed.

This matches nicely with my observations of volunteers. We are not
getting many people with the skills and experience to dive into a
very large body of code and debug it. We are getting students and
early career programmers who could work on something like this. It
might also be a viable Google Summer of Code project.


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@openoffice.apache.org
For additional commands, e-mail: dev-help@openoffice.apache.org


Mime
View raw message