Hi Marc,
On Mon, 2012-12-10 at 10:27 -0500, Marc-André Laverdière wrote:
> I am doing some proactive hardening of the image filters these days,
> and I have to say that there is a lot of code like this:
>
> *stream >> meh;
Which is IMHO intrinsically broken; I'd prefer to see that as:
meh = stream.ReadInt32();
Where we default to zero for end-of stream and bad streams - rather
than uninitialized variables. Not only does it get rid of the fragile
operator overload, make the code clearer by having the type information
at the call-site etc. It also avoids using exceptions ;-)
> if (! stream->good())
> return sal_False;
>
> It is very cluttered to do this for _every_ read.
Agreed - so people don't and un-intialized data creeps in.
IIRC we had a plan / easy-hack to move all operator overloaded stream
read/writers to use explicit methods. Quite possibly if you poke at
clang you can magically make it generate patches for us that do
that ? :-) [ worth a poke ].
How does that sound ?
Michael.
--
michael.me...@suse.com <><, Pseudo Engineer, itinerant idiot
_______________________________________________
LibreOffice mailing list
LibreOffice@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice
