[gdal-dev] RFC-19 revised

Even Rouault even.rouault at mines-paris.org
Mon Jan 7 16:49:20 EST 2008


Hi all,

After more feedback coming from discussions on IRC, I've decided to revise the 
terms of http://trac.osgeo.org/gdal/wiki/rfc19_safememalloc.

The summary of changes is that I would only add 2 new functions - VSIMalloc2 
and VSIMalloc3 - which would have the same behaviour as the previously named 
CPLSafeMalloc2 and CPLSafeMalloc3. Their behaviour would be consistent with 
the behaviour of the current VSIMalloc. (The 'safe' qualifier could have implied 
that other memory allocation functions are not safe to use, which is not the 
case.)

The proposed functions for detecting overflows when doing arithmetic 
operations (CPLSafeMul/CPLSafeSizetCastToInt), and the way of implementing 
them (templates vs not templates), don't have enough consensus and are 
retracted. There could indeed be a more general need for "safe" arithmetic, 
and not just restricted to multiplication of size_t variables. The subject 
of security is far from being fully covered... ;-)

So, I call for a new vote on the updated RFC.

Best regards,
Even

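As an added illustration of the pattern the VSIMalloc2/VSIMalloc3 names describe (this is example code written for this note, not the RFC's text or GDAL's implementation), the allocation helpers below check that the product of the requested sizes fits in size_t before calling malloc, and return NULL on overflow instead of handing back a wrapped-around, undersized buffer. The names size_mul_checked, example_malloc2 and example_malloc3 are assumptions chosen here; real GDAL signatures are not claimed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Returns 1 and stores a*b in *out if the product fits in size_t;
   returns 0 (and leaves *out untouched) if it would wrap around. */
int size_mul_checked(size_t a, size_t b, size_t *out)
{
    if (a != 0 && b > SIZE_MAX / a)
        return 0;                  /* a*b would exceed SIZE_MAX */
    *out = a * b;
    return 1;
}

/* Like malloc(n1 * n2), but refuses the request when n1*n2 overflows.
   An unchecked multiply would wrap to a small number, malloc would
   "succeed", and later writes of n1*n2 bytes would overrun the buffer. */
void *example_malloc2(size_t n1, size_t n2)
{
    size_t total;
    if (!size_mul_checked(n1, n2, &total)) {
        fprintf(stderr, "example_malloc2: %zu * %zu overflows size_t\n", n1, n2);
        return NULL;
    }
    return malloc(total);
}

/* Three-factor variant: both partial products are checked in turn. */
void *example_malloc3(size_t n1, size_t n2, size_t n3)
{
    size_t tmp, total;
    if (!size_mul_checked(n1, n2, &tmp) || !size_mul_checked(tmp, n3, &total)) {
        fprintf(stderr, "example_malloc3: %zu * %zu * %zu overflows size_t\n",
                n1, n2, n3);
        return NULL;
    }
    return malloc(total);
}

/* The hazard the checks guard against: the plain product silently wraps. */
size_t unchecked_product(size_t n1, size_t n2) { return n1 * n2; }

/* Helper for exercising the happy path: allocate, verify, free. */
int example_alloc_succeeds(size_t n1, size_t n2)
{
    void *p = example_malloc2(n1, n2);
    if (p == NULL) return 0;
    free(p);
    return 1;
}
```

With SIZE_MAX/2 + 1 rows of 2 bytes each, unchecked_product wraps to 0 while example_malloc2 returns NULL, which is exactly the undersized-allocation case the revised RFC's two functions exist to prevent.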
