|
theg sprank posted:I found these right next to each other in some code of mine today That's terrible not only for the redundancy but also for the fact that it sefaults your program if either node or parent is NULL.
|
# ¿ May 13, 2008 00:16 |
|
|
# ¿ Apr 29, 2024 14:36 |
|
tef posted:Here is a bit of a security coding horror: Maybe I'm just not understanding the code, but after giving it a brief glance it seems like the "correct" code is using the fact that uninitialized variables are not guaranteed to have any particular value as a source of entropy. Isn't that hugely non-portable? Is there anything the C spec that says that the compiler cannot zero out uninitialized variables? I know it doesn't have to, but is it forbidden to? If not, isn't the "correct" code insecure on any compiler which chooses to act this way?
|
# ¿ May 13, 2008 15:19 |
|
TSDK posted:And that's a second WTF right there. Compilers are not stupid. Only people who think compilers are stupid, are stupid. Well, the admonition not to fix warnings without understanding the code is valid - in fact you shouldn't do anything to code that you don't understand. I think however that the better statement is not that the compiler is "stupid" but that it is conservative. For example, consider code:
|
# ¿ May 13, 2008 16:00 |
|
TSDK posted:I also disagree that you need to have a full and complete understanding of anything before coding or bug fixing. Often the only way to get to fully understand systems is when you actually go through it in practice trying to change or implement something. It's also perfectly possible to do an adequate job fixing bugs without understanding all of the surrounding code. I wasn't trying to say you do but you at least should understand the part of the code that you're fixing/changing, which it appears that this person didn't.
|
# ¿ May 13, 2008 17:20 |
|
rotor posted:No way. I want intersection/union glyphs. I've been typing .contains and .concat for 12 goddamn years like some kind of loving caveman. It's 2008, let's start acting like it people. Agreed. We don't need a full whacko APL keyboard, but it would be pretty nice to at least have characters for basic set operations (intersect, union, subset, superset), and a single glyph for -> on normal keyboards. I'd even be happy with settling for a bigraph for subset-or-equal and superset-or-equal.
|
# ¿ May 29, 2008 22:59 |
|
Chain Chomp posted:It would look like this I guess Not only is that a retarded DB design, it also is completely useless. Nothing that a database can do that a spreadsheet (or hell a flat text file) cannot do is applicable to that layout.
|
# ¿ Jun 7, 2008 00:11 |
|
Zombywuf posted:On the subject of exception based control flow: haha oh god... at least that gets creativity points. Who needs RTTI when you have exceptions?
|
# ¿ Jun 18, 2008 14:36 |
|
JoeNotCharles posted:Your way is better - you don't want people to be able to put 'os.system("rm -rf /")' in your config file and have it blindly executed. Eh? As long as it's not running suid or something, there's nothing a user can put in his config file that he couldn't just type into the commandline. It's not a program's job to stop a user from doing something stupid when they go out of their way to do it.
|
# ¿ Jul 10, 2008 15:55 |
|
JoeNotCharles posted:What if somebody wants to install it with a web server frontend? Or some malicious person sends a complex config file saying, "Here, this'll do exactly what you're looking for!" when it actually has some bad commands embedded in it? Blindly executing anything handed to you is a terrible habit to get into. If you're allowing untrusted web users (or untrusted ANYONE) to make arbitrary changes to the configuration file for one of your apps, you're pretty hosed regardless. I could send someone a .emacs config file that wipes their hard drive (or at least their home directory), but that's not considered to be security problem with emacs.
|
# ¿ Jul 10, 2008 18:15 |
|
Save the whales posted:
Bug report. Severity: Critical.
|
# ¿ Jul 12, 2008 06:04 |
|
Came across this while debugging someone else's code at work this week:code:
1. Even ignoring the other bugs, it only "works" for octal numbers that are 2 or 3 digits long (and 2 only by accident). If you pass it a 1 or 4+ digit number, the results are non-deterministic. In context, this function is not going to receive any 4+ digit numbers, but a 1-digit number is completely possible. 2. The author apparently forgot that C strings are null-terminated, leading to: 2a. The strcpy call will write past the storage of octnum if octnumber is 3 or more digits. 2b. Every call to sprintf will write past the storage of chdigit 3. There's no const-correctness on the parameter 4. The entire goddamned function can be replaced by a single call to strtol. I replaced it with strtol. Smackbilly fucked around with this message at 13:52 on Jan 11, 2009 |
# ¿ Jan 11, 2009 13:50 |
|
awesmoe posted:Doesn't calling erase on a container invalidate all iterators into that container? (I'm asking, here - I'm not certain). If so, the change made doesn't fix the problem anyway. For some containers it does, for others it does not. For example: map does not invalidate all iterators on erasure, but deque does.
|
# ¿ Jan 17, 2009 03:21 |
|
Flobbster posted:STL algorithms. Use 'em, motherfuckers Can't wait for C++0x lambda functions to make STL predicates so much less a pain in the rear end.
|
# ¿ Jan 17, 2009 14:12 |
|
Otto Skorzeny posted:Here also note the use of 'auto' for compile-time type inference, which really comes into its own in situations like Also C++0x will finally make >> in a template context not be a right shift operator, thus eliminating the syntax error that the above code would have had in current C++. Thank god.
|
# ¿ Jan 18, 2009 14:14 |
|
Flobbster posted:Smackbilly is correct, but at the same time erase is still guaranteed to return a valid iterator to the element after the one being erased, regardless of whether the container's semantics invalidate other iterators on erasure. I didn't know this off the top of my head but I just discovered that this is not actually true. The erase() method in associative containers (such as std::set and std::map) returns void. It neither invalidates all iterators nor returns an iterator. Only sequence containers return an iterator from erase(). On the one hand this is annoying because it is inconsistent, but on the other hand, advancing an iterator in an associative container may take non-constant time, and advancing the iterator is not necessarily required to perform the erasure, so I suppose this was done for efficiency reasons.
|
# ¿ Jan 19, 2009 03:26 |
|
ColdPie posted:I remember seeing this in my first month on the job. I got something almost exactly like this (except in C, not Java) in code written by someone senior to me a few months ago. It was doubly odd because aside from that the code was very good and WTF-free.
|
# ¿ Jan 24, 2009 15:09 |
|
|
# ¿ Apr 29, 2024 14:36 |
|
Ugg boots posted:I mentioned this in IRC as it was playing out, but I'm sitting in a Computer Science majors computer lab, and there are three guys sitting next to me working on a Perl assignment. I know for a fact they're not freshmen or sophomores but even if they were, ugh. They're missing the part where the human is supposed to do the thinking and planning, and the computer is supposed to do the simple things as quickly as possible. They're trying to have the humans do simple things as quickly as possible without the thinking and planning, and it doesn't really work well that way.
|
# ¿ Jan 27, 2009 03:04 |