[Libreoffice] Making our Own Banned.h

Marc-André Laverdière marc-andre at atc.tcs.com
Sun Jun 19 21:21:07 PDT 2011

Hello list.

As you all know, there are a bunch of old C APIs that make security 
vulnerabilities trivial to implement. And doing a git grep tells me that 
we use those a plenty.

Now, not all of it may create vulnerabilities, but it is good practice 
to migrate away from those as much as possible.

Microsoft has compiled a useful list:

And they have made a header (I'm attaching here) that works on their 

Now, I think we should make it multi-platform, so that the whole code 
base can benefit from it. The transition must be gradual, for sure, but 
I think we'd benefit a lot from it in the long run.

What are the compilers that we must handle?
  - Gcc TODO
  - Microsoft's DONE
  - Sun's cc family ???
  - Intel's ???


Marc-André Laverdière
Software Security Scientist
Innovation Labs, Tata Consultancy Services
Hyderabad, India
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: banned.h
URL: <http://lists.freedesktop.org/archives/libreoffice/attachments/20110620/5fe25125/attachment.asc>

More information about the LibreOffice mailing list