Wednesday, April 30, 2008

Cool Little Code Snippet...

At my work an email sometimes gets sent out asking us to spot the defect.  I like these emails as it is usually with code / bugs that I have no f'ing experience and I can learn something that is a nice little trick.  So enough rambling here is some code that basically has the same bug.


Note: This is a technical post so if you don't care about this geeky crap just stop reading now :).


Disclaimer: I wrote the below code in blogger so it might not compile but the part that is interesting is technically correct.



<codesnippet>  

#include
using namespace std;
int main() {
char * c;
char * junkVar;
  const char * f00;
  junkVar = new char('a');
  f00 = junkVar + 1; 
  c = junkVar + 2;
  if(foo - c >= sizeof(int)) {
    cout << "inside of if-statement" << endl;
  } else {
    cout << "hit else statement instead" << endl;  
}
  return 0;
}

</codesnippet>

So, where is the bug?  How will this code execute if it was ran?  If you look at the code you will notice that "foo - c" should have a difference of -1 since "c" is one higher than "foo".  However, sizeof returns an unsigned integer and the compiler will cast the subtraction operation to an unsigned value as well.  What does that mean?  It means -1 becomes FFFFFFFF which is way bigger than "sizeof(int)" and the if condition would be correct.  Pretty cool, eh?  How would you fix this?  Well just cast the return value of sizeof to something signed like say..int.


There are a few security implications of this code.  Mainly if you could make this happen the pre-conditions of the code executed in the if-statement might not be correct and all sorts of weird issues could crop up.


Alright, back to work...


Labels: , ,

Thursday, April 17, 2008

Being the Leader is Better


Today I went mountain bike riding and whenever I go I always remember, being first is better. There are a few good reasons:
  • You don't get mud splattered in your face (unless you fly over the handlebars into a mud pit)

  • You get to take breathers while other people are catching up

  • You get to figure out the route

  • You don't get held back if someone else can't make it up/over/around/through/down an obstacle



There are also a few bad things about being in the lead:
  • You don't know what is coming ahead

  • You are the one that could be holding someone faster back

  • If a really bad obstacle is ahead you have to deal with it first

  • No one is there to give you advice or pointers on issues (slippery roots, mossy rocks, that little drop, that big drop, etc..)

  • You are the one who gets to find the land minds on the trail (horse crap sucks, but I really hate it when dogs [or humans] shit on the trail!)
So, besides me blathering away at stuff I normally don't talk about do I have a point? Yup :). A lot of these advantages and disadvantages also play out in business. In business if you are the first or at least an early adopter it is a lot easier to keep ahead of everyone as long as you don't tucker out or get distracted. If you are not leading it is harder to catch and pass them but it is easier to learn from their mistakes. So, the next time ask yourself do you want to lead and hit the shit first or follow the leader and get mud flung in your eye.

Labels: