I would expect that filters should be validating their inputs.
By the time that we get a bad_alloc, it's too late to recover properly.
Unless we're talking about someday running filters in a separate
process, and then validating the document they generate, in which case
the main process would remain safe.
On 2012-02-29 15:48, Eike Rathke wrote:
Hi Stephan,
On Wednesday, 2012-02-29 08:42:35 +0100, Stephan Bergmann wrote:
However, there are also situations where bad input (malicious or
otherwise) would cause an application to request excessive amounts
of memory to do a single task (e.g., open a document), and at least
in theory the application should be able to cope with such
externally-induced OOM conditions, by abandoning the bad operation,
cleaning up after it, telling the user the operation failed, and
carrying on.
I think catching std::bad_alloc and returning an error should be
possible in most filter code based on SfxObjectShell / SfxMedium.
Eike
_______________________________________________
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice
Disclaimer: http://www.peralex.com/disclaimer.html
_______________________________________________
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice
