Document ISO/IEC/JTC 1/SC 22/WG 23 N0695

Draft Minutes Post-Meeting 47 Telecon
13 February 2017


Hubert Tong
Michael Wong

Meeting Location :


Meeting Times:

13 February 2017: 2100-2300 UTC



1 Opening activities

1.1 Opening Comments

1.2 Introduction of Participants/Roll Call

1.3 Procedures for this Meeting

1.4 Approval of previous Minutes (for face-to-face meetings only)

1.5 Review of actions items and resolutions, Action Item and Decision Logs

1.6 Approval of Agenda [N 0680]

1.7 Future Meeting Schedule


Pre-mtg 55



TBD September 2018

CSA Toronto, Canada with SC 22



With WG 9 and Ada Europe




TBD April 2018

Czech Republic with C

Pre-mtg 52

TBD March 2018


22-23 January 2018

Phoenix, AZ




Teleconference (UTC 2000, 2 hr)



Teleconference (UTC 2000, 2 hr)


17-18 August 2017

BSI London (with SC 22 Plenary)


19-20 June 2017

Vienna, Austria with Ada Europe(2 day)



Teleconference (UTC 2000, 2 hr)


6-7 April 2017

IBM Markham, Canada (2 day)


Mar 6, 17

Teleconference (UTC 2100, 2 hr)



Teleconference (UTC 2100, 2 hr)

Dedicated topic, Templates and Generics in Part 1, capturing C++ issues.

2. Liaison Activities (not for discussion at this meeting)

2.1 SC 22

2.2 PL 22 (Open)

2.3 PL22.3/WG5 (Fortran)

2.4 WG4 (COBOL)

2.5 WG9 (Ada)

2.6 PL22.11/WG14 (C)

2.7 PL22.16/WG21 (C++)

2.8 Ecma International, TC49/TG2 (C#)

2.9 Ecma International, TC39 (ECMAScript)

2.10 MISRA (C)

2.11 MISRA (C++)

2.12 SPARK

2.13 SC7/WG19 (UML)

2.14 SC27/WG3, WG4 Security

2.15 Other Liaison Activities or National body reports

3. Document Review

3.1 TR 24772-1 Vulnerabilities, language independent

Document N0689, clause 40 Templates and Generics.

At the present time, clause 40 reflects the view of templates and generics from a perspective similar to Ada. C++ has a different model of generics. This meeting is to discuss the different models of templates and generics, and determine how to update 6.40 to reflect a broader view and to capture what vulnerabilities exist from the C++ model.

3.2 TR 24772-2 Ada language specific part

3.3 TR 24772-3 C language specific part

3.4 TR 24772-4 Python language specific part

3.5 TR 24772-8 Fortran

3.6 TR 24772-9 C++

Document N0691 is the first draft of a potential C++ Part. It is largely a remapping of Part 3 C. C++ participants are requested to review the document and suggest ways to sharpen the C-specific discussions, to capture ways that C++ features can mitigate vulnerabilities, and to help capture C++ vulnerabilities that do not exist in C.

We discuss N0

Section 3 Terms and definitions – We agree to leave the definitions in place and review them later once significant portions of the vulnerabilities have been worked on.

AI – Clive – check that updates made to Part 1 6.4 floating point to see if captured in Part 3.

Suggestion – create a C++ annex that re

Team of Paul, Michael and Hubert to try a tack of pushing the C-specific guidelines to Part 3 or Part 1 and running the approach through the WG 21 leadership. Clive to continue working through the document to capture the differences between C and C++ w.r.t vulnerabilities.

3.7 Bibliography for each TR24772 Part

3.8 Dirty Dozen Rules for C, generic, and other languages

4 Strategy (Face to face meetings only)

5 Publicity (Face to face meetings only)

6 Other Business

6.1 Review of Assignment of responsibilities

7. Resolutions and Action Items

8. Adjournment