On Wed, 2012-02-29 at 17:11 +0100, Lubos Lunak wrote: > Do we actually have code that tries to gracefully handle running out of > memory? Because if not, and I doubt we realistically do[*]
Its not O[U]String related, but FWIW vcl/unx/source/gdi/salbmp.cxx has some std::bad_alloc catches from commit 807d9a7d for https://issues.apache.org/ooo/show_bug.cgi?id=82997 which has a test .png of https://issues.apache.org/ooo/attachment.cgi?id=49179 as an apparent real-world case. > sd/source/filter/ppt/propread.cxx , PropItem::Read() ... just crashing > is usually the better option, because that way the user at least knows. dunno about the idea of making rtl_allocateMemory simply abort, I mean a lot of, especially the .doc/.ppt/.xls, filters are still based on a certain degree of guesswork as they were written before specs got released, we can sometimes end up parsing a pile of random junk in the delusion its something else, even outside all the hacked documents which deliberately attempt DoS. Just crashing and taking out every open document that user's got when opening a random .ppt vs showing as much as we can, or at least just abandoning the load attempt, is a hard sell. C. _______________________________________________ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice
