The Daily WTF: Curious Perversions in Information Technology

Reflections on Privacy

by Remy Porter in CodeSOD on 2024-07-25

Jaco's team had a problems with making an embedded web server shut down properly. Something about the shutdown process was deadlocking, so one of their "ninja Yoda coders" rockstarred their way to a solution.

private void stopServer() {
	try {
		if (webServer != null) {
			logger.debug("Shutdown webserver");
			// This goes into a dead lock, therefore I've replaced it with
			// some voodoo stuff.
			logger.debug("Get listener field from web server.");
			Field listenerField = WebServer.class.getDeclaredField("listener");
			listenerField.setAccessible(true);
			Thread listener = (Thread) listenerField.get(webServer);
			listenerField.set(webServer, null);
			logger.debug("Interrupt the listener thread.");
			listener.interrupt();
			webServer = null;
			logger.debug("Shutdown webserver complete");
		} else {
			logger.debug("No webserver to shutdown");
		}
	} catch (Exception e) {
		logger.error(LoggerCodes.RPC_SERVER_SHUTDOWN_FAILURE, e, LoggerUtility.parameters("class",
			e.getClass().getSimpleName(), "message", e.getMessage()));
	}
}

13 comments - Last comment @ 2024-07-26

How to Validate an IP Address

by Remy Porter in CodeSOD on 2024-07-24

Andy has some concerns about future proofing. In this case, he sends us some C# code that's supposed to validate an IP address.

string[] address = StringTools.splitStr(IP, '.');
if (address.length < 4) {
        throw new Exception("Bad IP format : " + IP);           }

21 comments - Last comment @ 2024-07-26

Serial Properties

by Remy Porter in CodeSOD on 2024-07-22

Jan wrote some code that set a property, and a few lines later had to write code to read that value- and the compiler complained. Which is what drew his attention to this C# code:

public string ViewNodeFilter
{
        protected get
        {
                if (viewNodeFilter.IsNotValid())
                {
                        return "null";
                }
                return new JavaScriptSerializer().Serialize(viewNodeFilter);
        }
        set { viewNodeFilter = value; }
}

19 comments - Last comment @ 2024-07-23

False True is True False

by Remy Porter in CodeSOD on 2024-07-18

Languages which do type-coercion are generally setting users up for failure. At some point, you'll make some assumption about your inputs, and then type-coercion kicks in and changes what you expect. We see this all the time in JavaScript, and of course, in PHP. PHP booleans, for example, can surprise you: 0 is false, which is a common enough assumption, but so is "0"- the string zero. As are empty arrays.

But what if you wanted more control over it? Peter sends us this PHP he found:

19 comments - Last comment @ 2024-07-23

Sanitary Paths

by Remy Porter in CodeSOD on 2024-07-17

When accepting user input for things like, say, accessing the filesystem, you need to do some validation. Bad or inappropriate characters could lead to surprises that no one is going to like.

So when Christian first spotted this C# method called SanitizePath, he didn't think much of it. But then he looked at the implementation…

19 comments - Last comment @ 2024-07-19

Prefixual

by Remy Porter in CodeSOD on 2024-07-16

Maciek has the distinct pleasure of working on Dynamics Ax, and ERP system. Like every other ERP system, it's endlessly customizable, and scriptable. In this case, scriptable in a custom language called "X++".

While it's probably entirely possible to write good code under these circumstances, it's not an environment conducive to that. And that's how Maciek inherited this method:

17 comments - Last comment @ 2024-07-18

Uniquely Enough Identifiers

by Remy Porter in CodeSOD on 2024-07-15

Running and hosting a database is expensive. Not only do you need the server for it (even if you rent in the cloud), you also need the expertise to administer it. And that's why Lucas ended up working on an application which used Google Sheets as its database.

Now, this was an application used by a marketing team to create new marketing campaigns, so Google Sheets wasn't the worst choice made in the entire process. With only a handful of users and dozens of records, it was fine. You didn't need to put a huge amount of effort or expertise into it- at least, that's what management thought.

27 comments - Last comment @ 2024-07-20

Looks Guid to Me

by Remy Porter in CodeSOD on 2024-07-03

Today, we have an interesting one. It's not technically a Code SOD, because it doesn't have any code. It isn't quite a feature, because it doesn't contain a story. It's just some data, from a database table.

But it does tell a story.

27 comments - Last comment @ 2024-07-05

Certificate of Security

by Remy Porter in CodeSOD on 2024-07-02

Joe wanted to interact with a social media service's API. As one does, he went out and found a library for his language, and started investigating it. Now, the API was, unsurprisingly, an HTTP based API, wrapped in TLS for security. The library had a handy built-in function which validated the security certificates to ensure they were still valid and hadn't been compromised:

Private Function ValidateCertificate(ByVal sender As Object, ByVal certificate As System.Security.Cryptography.X509Certificates.X509Certificate, ByVal chain As System.Security.Cryptography.X509Certificates.X509Chain, ByVal sslPolicyErrors As System.Net.Security.SslPolicyErrors) As Boolean
    Return True
End Function

16 comments - Last comment @ 2024-07-15

Black Letters

by Remy Porter in CodeSOD on 2024-07-01

Johannes started debugging an application, and decided he needed to "share his pain".

Here, we're presented with a simple problem: convert a number in the range [0-25] to a letter [A-Z]. Many people would solve this with an array of letters as a lookup table. If they're clever, they'd leverage the character encoding and do some arithmetic.

22 comments - Last comment @ 2024-07-06

Recent CodeSOD