Document ISO/IEC/JTC 1/SC 22/WG 23 N0828

Draft Agenda Meeting #58
ISO/IEC JTC 1/SC 22/WG23
8-9 November 2018


Meeting Location :


Town and Country Hotel, San Diego, CA, USA, hosted by Qualcomm

Being held simultaneously with SC 22/WG 21, and meeting SG 12.


1 Opening activities

1.1 Opening Comments

1.2 Introduction of Participants/Roll Call

Stephen Michell - convenor

Erhard Ploedereder

Gabriel Dos Reis – convenor SG 12

Lisa Lippincott

Paul Preney

Dan Kalowsky

Bjorne Stroustrup

Michael Wong

Daniel Garcia

Frank Birbacher

1.3 Procedures for this Meeting

1.4 Approval of previous Minutes of meeting 56 and 57

Deferred

1.5 Review of actions items and resolutions, Action Item and Decision Logs

1.6 Approval of Agenda

1.7 Future Meeting Schedule


2020





#65

TBD Nov 2020

TBD WG 21


#64

TBD September 2020

With SC 22


#63

TBD June 2020

With WG 9,


#62

5 May 2019

Teleconference, 2000-2200 UTC


#61

7 April 2019

Teleconference 2000-2200 UTC


#60

TBD Feb 2019

TBD

#66

20 January 2020

Teleconference 2000-2200 UTC


2019

#65

7-8 Nov 2019

Belfast, North Ireland with WG 21


#64

22-23 August 2019

Seoul, Korea with SC 22


#63

18-19 July 2019

With WG 21, Cologne, Germany


#62

6 May 2019

Teleconference, 2000-2200 UTC


#61

8 April 2019

Teleconference 2000-2200 UTC


#60

21-22 Feb 2019

Kona, Hawaii with WG 21


#59

21 January 2019

Teleconference 2000-2200 UTC



Liaison Activities

52.2.1 PL22.3/WG5 (Fortran) Gary Klimowicz/Dan Nagle

51.2.2 WG4 (COBOL)

52.2.3 WG9 (Ada) Erhard Ploedereder

52.2.4 PL22.11/WG14 C Clive Pygott

52.2.5 PL22.16/WG21 (C++) Michael Wong

52.2.6 MISRA C Clive Pygott

52.2.7 MISRA (C++) Clive Pygott

52.2.8 SPARK Joyce Tokar

52.2.9 Other Liaison Activities or National body reports

52.3. Document Review

52.3.1 TR 24772-1 Vulnerabilities, language independent – no discussion, ballot expected

52.3.2 TR 24772-2 Ada language specific part – no discussion, ballot expected

52.3.3 TR 24772-3 C language specific part – no discussion, ballot expected

52.3.4 TR 24772-4 Python language specific part

52.3.5 TR 24772-8 Fortran

3.6 TR 24772-9 C++

The meeting is dedicated to progressing the C++ vulnerabilities document with WG 21/SG 12. Results of the discussion are in N0840, along with outstanding action items (which are also documented here). Analysis was performed on the following sections and draft text for C++ vulnerabilities was agreed upon, subject to review by the larger WG 21 community and WG 23 community.

6.27 Switch Statements and Static Analysis [CLL]

6.28 Demarcation of Control Flow [EOJ]

6.29 Loop Control Variables [TEX]

6.30 Off-by-one Error [XZH]

6.31 Structured Programming [EWD]

6.32 Passing Parameters and Return Values [CSJ]

6.33 Dangling References to Stack Frames [DCM]

6.34 Subprogram Signature Mismatch [OTR]

6.35 Recursion [GDL]

6.36 Ignored Error Status and Unhandled Exceptions [OYB]

6.38 Type-breaking Reinterpretation of Data [AMV]

6.41 Inheritance [RIP]

6.43 Violations of the Liskov Principle or the Contract Model  [BLP]

6.44 Redispatching [PPH]

6.45 Polymorphic variables [BKK]

6.46 Extra Intrinsics [LRM]

6.47 Argument Passing to Library Functions [TRJ]

6.48 Interlanguage calling

3.7 Spark

3.8 Potential TR24772 Guidance on avoiding Programming Vulnerabilities – IS



4 Review of Assignment of responsibilities


5 Resolutions and Action Items

All are captured in N0840.



6. Adjournment

Adjourned at 1730 9 November 2018.