[Libreoffice] Making our Own Banned.h
Marc-André Laverdière
marc-andre at atc.tcs.com
Sun Jun 19 21:21:07 PDT 2011
Hello list.
As you all know, there are a bunch of old C APIs that make security
vulnerabilities trivial to implement. And doing a git grep tells me that
we use those a plenty.
Now, not all of it may create vulnerabilities, but it is good practice
to migrate away from those as much as possible.
Microsoft has compiled a useful list:
http://msdn.microsoft.com/en-us/library/bb288454.aspx
And they have made a header (I'm attaching here) that works on their
compiler.
Now, I think we should make it multi-platform, so that the whole code
base can benefit from it. The transition must be gradual, for sure, but
I think we'd benefit a lot from it in the long run.
What are the compilers that we must handle?
- Gcc TODO
- Microsoft's DONE
- Sun's cc family ???
- Intel's ???
Regards,
--
Marc-André Laverdière
Software Security Scientist
Innovation Labs, Tata Consultancy Services
Hyderabad, India
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: banned.h
URL: <http://lists.freedesktop.org/archives/libreoffice/attachments/20110620/5fe25125/attachment.asc>
More information about the LibreOffice
mailing list