Defensive Programming Squad

Name: Anonymous 2008-10-22 5:59

In this thread we pick up innocent programs and tank the shit out of them.

#include <stdio.h>
int main () {
  int n1, n2;
  printf("First integer:");
  scanf("%d", &n1);
  printf("Second integer:");
  scanf("%d", &n2);
  printf("Sum = %d\n", n1+n2);
  return 0;
}

Name: Anonymous 2008-10-22 6:31

/target >>1
/cast Charge
/cast Devastate
/cast Shield Block
/cast Thunderclap
/cast Revenge
/cast Devastate
/cast Shield Slam
/cast Devastate
/cast Revenge
/cast Devastate
/cast Shield Slam
/cast Revenge

Name: Anonymous 2008-10-22 6:35

I only see a potential to put garbage there and have garbage on the stdout.
User is a kind of a random input generator.

Name: Anonymous 2008-10-22 8:24

>>1
To break this code I'd have to input a number bigger than INT_MAX or smaller than INT_MIN, or hit EOF, or have their sum be bigger than INT_MAX or smaller than INT_MIN.
All those scenarios invoke undefined behavior.
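
An added example, not posted by anyone in the thread: one way to rewrite >>1 so that each failure mode listed in >>4 (out-of-range input, EOF, overflowing sum) plus non-numeric and over-long input becomes a reported error instead of undefined behavior. The names parse_int, checked_add and read_int and the 64-byte line buffer are choices made for this sketch.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum parse_status { PARSE_OK, PARSE_EMPTY, PARSE_GARBAGE, PARSE_RANGE };

/* Parse one line as a decimal int without ever leaving int range. */
enum parse_status parse_int(const char *s, int *out) {
    char *end;
    errno = 0;
    long v = strtol(s, &end, 10);
    if (end == s) return PARSE_EMPTY;             /* no digits, e.g. "zzzz" */
    while (*end == ' ' || *end == '\t' || *end == '\n' || *end == '\r') end++;
    if (*end != '\0') return PARSE_GARBAGE;       /* trailing junk, e.g. "12abc" */
    if (errno == ERANGE || v < INT_MIN || v > INT_MAX) return PARSE_RANGE;
    *out = (int)v;
    return PARSE_OK;
}

/* Returns 1 and stores a+b if it is representable, 0 if it would overflow. */
int checked_add(int a, int b, int *sum) {
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b)) return 0;
    *sum = a + b;
    return 1;
}

/* Prompt, read one line, parse it; 0 on EOF, read error, long line or bad input. */
int read_int(const char *prompt, int *out) {
    char line[64];
    fputs(prompt, stdout);
    fflush(stdout);                                /* show prompt before blocking */
    if (!fgets(line, sizeof line, stdin)) return 0;          /* EOF (^D) or error */
    if (!strchr(line, '\n') && !feof(stdin)) return 0;       /* line was truncated */
    return parse_int(line, out) == PARSE_OK;
}

int main(void) {
    int n1, n2, sum;
    if (!read_int("First integer:", &n1) || !read_int("Second integer:", &n2) ||
        !checked_add(n1, n2, &sum)) {
        fputs("error: need two decimal ints whose sum fits in int\n", stderr);
        return EXIT_FAILURE;
    }
    printf("Sum = %d\n", sum);
    return 0;
}
```

It fails fast rather than re-prompting, so a stream of endless bad input cannot keep it looping.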

Name: Anonymous 2008-10-22 9:18

main = ((+) <$> readLn <*> readLn :: IO Integer) >>= print

Name: Anonymous 2008-10-22 9:34

>>2
There seems to be a /cast Defensive Stance missing from that macro, or is Charge now for all stances?

Name: Anonymous 2008-10-22 11:24

>>3

Then we must test every possible event that may lead into DOOM!
She will not sink, Mr. Dos. NOT ON MY WATCH.

Name: Anonymous 2008-10-22 11:56

>>6
new defensive tree talent lets charge be used in any stance, in and out of combat, and removes movement impairing effects.

Name: Anonymous 2008-10-22 12:36

>>1
The main declaration is invalid C99 code.
The printf statements might display after scanf has taken input due to line buffering.
And of course there is the complete lack of error checking.

Name: Anonymous 2008-10-22 15:03

>>9
> The main declaration is invalid C99 code.

It's not invalid if gcc doesn't produce a warning:
~ $ echo "int main() {}" | gcc -c -std=c99 -Wall -Wextra -pedantic -xc -o main.o -
~ $

Name: Anonymous 2008-10-22 17:49

>>9

where's proof of your vile accusations?

Name: Anonymous 2008-10-23 5:34

Can't be hardened without rewriting it completely.

scanf() is a fucking black hole.

Name: Anonymous 2008-10-23 6:13

>>9
the C99 standard specifies that int main(void) { /* ... */ }, int main(int argc, char *argv[]) { /* ... */ }, or equivalent are valid in 5.1.2.2.1.
in 6.7.5.3 it specifies:
The special case of an unnamed parameter of type void as the only item in the list specifies that the function has no parameters.
and
An empty list in a function declarator that is part of a definition of that function specifies that the function has no parameters.
so int main(void) { /* ... */ } and int main() { /* ... */ } are equivalent.

>>12
#include <stdio.h>
#include <gmp.h>

#define READ_INTEGER(n) (<%\
 mpz_inp_str((n), stdin, 10);\
 fpurge(stdin);\
%>)

int main()<%
 mpz_t n1, n2;
 mpz_init(n1);
 mpz_init(n2);
 setvbuf(stdout, NULL, _IONBF, 0);
 setvbuf(stdin, NULL, _IOLBF, 0);
 printf("First integer:");
 READ_INTEGER(n1);
 printf("Second integer:");
 READ_INTEGER(n2);
 printf("Sum = ");
 mpz_add(n1, n1, n2);
 mpz_out_str(stdout, 10, n1);
 puts("");
 return 0;
%>

Name: Anonymous 2008-10-23 6:18

>>13
oops...
#define READ_INTEGER(n) (mpz_inp_str((n), stdin, 10), fpurge(stdin))

Name: Anonymous 2008-10-23 6:23

>>9 C99 does allow omitting arguments
>>10 gcc's -pedantic is not a magic option to find all incompatibilities with C99, program may be invalid even if gcc doesn't produce any warnings (I read about it some time ago on THE INTERNET)

Name: Anonymous 2008-10-23 6:58

>>13

what happens if the user enters 'zzzz' or something?

Name: Anonymous 2008-10-23 7:14

>>16
the value 0 is assigned to the variable and the 'zzzz' is ignored.

Name: Anonymous 2008-10-23 7:18

In Java... I would do-while it if the user doesn't provide good data.

Name: Anonymous 2008-10-23 7:35

>>18
if the user is that stupid, asking for an integer again is not likely to yield a different result.

Name: Anonymous 2008-10-23 7:42

>>19
defensive programming

Name: Anonymous 2008-10-23 8:16

>>18
tr \\0 z < /dev/zero | fold -w 4 | add_2_integers

Oh look, an infinite loop!

Name: Anonymous 2008-10-23 8:51

>>19
In C, I would print "\n?\n" every time user inputs something.

Name: Anonymous 2008-10-23 8:52

>>22
that's basically the source code to ed, isn't it

Name: Anonymous 2008-10-23 9:11

>>23
You must also make sure it handles ^D so it doesn't just end when it gets EOF.

Name: Anonymous 2008-10-23 9:12

sure, but what about the ASCII threat?
my plan...

#include <stdio.h>
#include <gmp.h>
#define READ_INTEGER(n) (mpz_inp_str((n), stdin, 10), fpurge(stdin))

int main()<%
 mpz_t n1, n2;
 mpz_init(n1);//           => Archers <=
 mpz_init(n2);//           => go here <=
 setvbuf(stdout, NULL, _IONBF, 0);//=|
 setvbuf(stdin, NULL, _IOLBF, 0);//  |
 printf("First integer:");//         |
 READ_INTEGER(n1);//                 |
 printf("Second integer:");//        |    <=== Large wall w/
 READ_INTEGER(n2);//                 |    <=== spikes at bottom
 printf("Sum = ");//                 |
 mpz_add(n1, n1, n2);//              |
 mpz_out_str(stdout, 10, n1);//      |
 puts("");//                         >
 return 0;//                         >      => Attackers <=
%>//                                 >      =>  go here  <=

Name: Anonymous 2008-10-23 9:14

>>25
Daw, my ascii art didn't work.

Name: Anonymous 2008-10-23 9:28

>>26
Read [faggotquotes]Structure and Interpretation of BBCODE[/faggotquotes].

Name: Anonymous 2008-10-23 9:44

>>23
It's a little more complicated than that...
/* Anonix ed - Version 1.0 */

#include <limits.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>

int main(void) {
  char line[LINE_MAX];
  signal(SIGINT, &int_handler);
  signal(SIGHUP, &hup_handler);
  signal(SIGQUIT, SIG_IGN);
  while(fgets(line, LINE_MAX, stdin) && strcmp(line, "q\n")) puts("?");
  return 0;
}

void int_handler(int){
  puts("?");
  fpurge(stdin);
}

void hup_handler(int){
  FILE * f;
  if(f = open("ed.hup", "w+")) fclose(f);
  if(getenv("HOME")){
   char path[strlen(getenv("HOME)) + 8];
   strcpy(path, getenv("HOME"));
   strcat(path, "/ed.hup");
   if(f = open(path, "w+")) fclose(f);
  }
  _Exit(0);
}

Name: Anonymous 2008-10-23 9:47

>>28
fixed:
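/* Anonix ed - version 1.0 */

#include <limits.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>  /* strcasecmp */

void int_handler(int);
void hup_handler(int);

int main(void) {
  char line[LINE_MAX];
  signal(SIGINT, &int_handler);
  signal(SIGHUP, &hup_handler);
  signal(SIGQUIT, SIG_IGN);
  /* answer "?" to every line until the user types q (or Q) */
  while(fgets(line, LINE_MAX, stdin) && strcasecmp(line, "q\n")) puts("?");
  return 0;
}

/* note: puts, fpurge, fopen and getenv are not async-signal-safe */
void int_handler(int n){
  (void)n;
  puts("?");
  fpurge(stdin);  /* BSD extension; glibc provides __fpurge in <stdio_ext.h> */
}

void hup_handler(int n){
  FILE *f;
  (void)n;
  /* leave an ed.hup marker in the current directory and in $HOME */
  if((f = fopen("ed.hup", "w+"))) fclose(f);
  if(getenv("HOME")){
   char path[strlen(getenv("HOME")) + 8];  /* "/ed.hup" plus NUL is 8 bytes */
   strcpy(path, getenv("HOME"));
   strcat(path, "/ed.hup");
   if((f = fopen(path, "w+"))) fclose(f);
  }
  _Exit(0);
}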

Name: Anonymous 2008-10-23 10:59

char line[LINE_MAX];
This is unlikely to work, as Anonix defines LINE_MAX equal to INT_MAX.

Name: Anonymous 2008-10-23 11:32

>>30
More likely they define it to something like 32 to reduce memory bloat.

Name: Anonymous 2008-10-23 11:34

>>30
Anonix doesn't (yet) define LINE_MAX.

POSIX only specifies that LINE_MAX must be at least 2048:
http://www.opengroup.org/onlinepubs/000095399/basedefs/limits.h.html
{LINE_MAX}
    Unless otherwise noted, the maximum length, in bytes, of a utility's input line (either standard input or another file), when the utility is described as processing text files. The length includes room for the trailing <newline>.
    Minimum Acceptable Value: {_POSIX2_LINE_MAX}

{_POSIX2_LINE_MAX}
    Unless otherwise noted, the maximum length, in bytes, of a utility's input line (either standard input or another file), when the utility is described as processing text files. The length includes room for the trailing <newline>.
    Value: 2 048


defining LINE_MAX equal to INT_MAX is stupid and would break a lot of existing code:
http://www.google.com/codesearch?as_q=char\s%2B\w%2B[LINE_MAX\]%3B&btnG=Search+Code&as_lang=c&as_case=y
Results 1 - 10 of about 2,000. (0.05 seconds)

Name: Anonymous 2008-10-23 11:39

>>32
also, http://www.opengroup.org/onlinepubs/000095399/functions/fgets.html gives this example:
#include <stdio.h>
...
char line[LINE_MAX];
...
while (fgets(line, LINE_MAX, fp) != NULL) {
...
}
...

Name: Anonymous 2008-10-23 13:13

>>32
> defining LINE_MAX equal to INT_MAX is stupid and would break a lot of existing code:
Now you know the POWER of Anonix.

Name: Anonymous 2008-10-23 16:39

>>32
ANONIX is impervious to POSIX.

Name: Anonymous 2008-10-24 0:08

>>32
> defining LINE_MAX equal to INT_MAX is stupid and would break a lot of existing code:
That existing code is broken anyway if it assumes that LINE_MAX is going to be much less than INT_MAX.

POSIX says nothing about the maximum value of LINE_MAX; in fact all you're guaranteed is that it's going to be >= 2048.

>>33
lol, their own code is broken.

Name: Anonymous 2008-10-24 1:34

> POSIX says nothing about the maximum value of LINE_MAX; in fact all you're guaranteed is that it's going to be >= 2048.
well, there is this:
http://www.opengroup.org/onlinepubs/000095399/utilities/tail.html
Tails relative to the end of the file may be saved in an internal buffer, and thus may be limited in length. Such a buffer, if any, shall be no smaller than {LINE_MAX}*10 bytes.

so if tail uses an internal buffer for tails relative to the end of a file, LINE_MAX can't possibly be more than UINTPTR_MAX / 10.
is there any way to implement tail without using an internal buffer for tails relative to the end of a file?

Name: Anonymous 2008-10-24 1:46

>>37
It's "may be", not "must be".

If the file is a regular file, just seek to the end and read backwards until you're at the point where you need to start tailing, if it's a file of possibly unbounded length then you only need to keep the last n lines/bytes in some sort of dynamically allocated expanding ring buffer (like a FIFO). Of course, positions relative to the beginning of the file are trivial: just keep consuming input (unseekable) until the position is reached, or seek (bounded, seekable) to the position.

...I should probably go write anoncoreutils tail now.
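
An added sketch of the unseekable-input case described in >>38, not code from the thread or from anoncoreutils: a ring of the last few lines in which each line buffer grows on demand, so no char line[LINE_MAX] array is needed whatever LINE_MAX turns out to be. struct tail, the tail_* functions and the TAIL_MAX bound are names assumed for this example.

```c
#include <stdio.h>
#include <stdlib.h>

#define TAIL_MAX 64   /* assumed upper bound on the number of lines kept */

/* Ring of the last `cap` lines; `cur` is the line still being read. */
struct tail { char *slot[TAIL_MAX]; size_t cap, count, next; char *cur; size_t len, size; };

/* Move the current line into the ring, evicting the oldest one if full. */
void tail_commit(struct tail *t) {
    if (!t->cur || t->len == 0) return;
    free(t->slot[t->next]);
    t->slot[t->next] = t->cur;
    t->next = (t->next + 1) % t->cap;
    if (t->count < t->cap) t->count++;
    t->cur = NULL; t->len = t->size = 0;
}

/* Feed a chunk from an unseekable stream; returns 0 on bad cap or failed alloc. */
int tail_feed(struct tail *t, const char *buf, size_t n) {
    if (t->cap == 0 || t->cap > TAIL_MAX) return 0;
    for (size_t i = 0; i < n; i++) {
        if (t->len + 2 > t->size) {                  /* room for byte + NUL */
            size_t ns = t->size ? t->size * 2 : 64;
            char *p = realloc(t->cur, ns);
            if (!p) return 0;
            t->cur = p; t->size = ns;
        }
        t->cur[t->len++] = buf[i];
        t->cur[t->len] = '\0';
        if (buf[i] == '\n') tail_commit(t);
    }
    return 1;
}

/* Line i of the retained window, 0 = oldest; NULL when out of range. */
const char *tail_line(const struct tail *t, size_t i) {
    return i < t->count ? t->slot[(t->next + t->cap - t->count + i) % t->cap] : NULL;
}

int main(void) {
    struct tail t = { .cap = 10 };
    char buf[4096];
    size_t n;
    while ((n = fread(buf, 1, sizeof buf, stdin)) > 0)
        if (!tail_feed(&t, buf, n)) return EXIT_FAILURE;
    tail_commit(&t);                                 /* final line without '\n' */
    for (size_t i = 0; tail_line(&t, i); i++) fputs(tail_line(&t, i), stdout);
    return 0;
}
```

Memory use is bounded by the number of lines kept but not by line length, so a single enormous line still ends in a reported allocation failure rather than a buffer overrun.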

Name: Anonymous 2008-10-24 2:04

if it's a file of possibly unbounded length then you only need to keep the last n lines/bytes in some sort of dynamically allocated expanding ring buffer (like a FIFO).

Name: Anonymous 2008-10-24 2:12

What the fuck /prog/??
You should write your test cases before you write even a single line of production code!!

Name: Anonymous 2008-10-24 3:26

>>40
Fuck your test cases and enterprise best practices.

Name: Anonymous 2008-10-24 6:20

What the fuck /prog/??
You should prove your programs correct before you write even a single line of production code!!

Name: Anonymous 2008-10-24 14:15

I have a scheme macro that automatically creates all possible test cases for me. Unfortunately I created it at work and I signed a non-disclosure agreement with my boss, so I can't share it with the world forever.

Name: Anonymous 2008-10-24 14:36

>>43
quickcheck

Name: Anonymous 2008-10-24 14:45

>>44
back to /haskell/, please.

Name: Anonymous 2008-10-24 20:41

>>41
defensive programming

Name: Anonymous 2008-10-25 16:28

Xarn provides me with my daily crack fix.

Name: Xarn 2008-10-25 16:36

>>47
Xarn here, just want to let everyone know that I do not condone illegal activities.

Xarn, over and out.

Name: Anonymous 2008-10-29 6:23

#include <stdio.h>
int main () {
 char character;
  printf("ASCII:");
  scanf("%c", &character);
  printf("%d\n", character);
 return 0;
}

Am I doing it right?

Name: Anonymous 2008-10-29 16:41

This thread is threadstopped. You can't reply anymore.

Name: Anonymous 2008-10-29 17:00

>>50
damn

Name: Anonymous 2008-10-29 23:38

>>51
I think Xarn is to blame.

Name: Anonymous 2008-10-30 0:18

>>50
If this was your task... yeah. But pls... optimize this shit of code

Name: Anonymous 2009-03-06 13:54

Threadstopped.
