Checking string allocations (was Re: String literals, ASCII vs UTF-8)

Caolán McNamara caolanm at redhat.com
Wed Feb 29 12:53:05 PST 2012


On Wed, 2012-02-29 at 17:11 +0100, Lubos Lunak wrote:
> Do we actually have code that tries to gracefully handle running out of 
> memory? Because if not, and I doubt we realistically do[*]

Its not O[U]String related, but FWIW vcl/unx/source/gdi/salbmp.cxx has
some std::bad_alloc catches from commit 807d9a7d for
https://issues.apache.org/ooo/show_bug.cgi?id=82997 which has a
test .png of https://issues.apache.org/ooo/attachment.cgi?id=49179 as an
apparent real-world case.

>  sd/source/filter/ppt/propread.cxx , PropItem::Read() ... just crashing
>  is usually the better option, because that way the user at least knows.

dunno about the idea of making rtl_allocateMemory simply abort, I mean a
lot of, especially the .doc/.ppt/.xls, filters are still based on a
certain degree of guesswork as they were written before specs got
released, we can sometimes end up parsing a pile of random junk in the
delusion its something else, even outside all the hacked documents which
deliberately attempt DoS. Just crashing and taking out every open
document that user's got when opening a random .ppt vs showing as much
as we can, or at least just abandoning the load attempt, is a hard
sell. 

C.



More information about the LibreOffice mailing list