Op 02-03-14 11:41, Stefan Behnel schreef:
> Haven't seen any mention of it on this list yet, but since it's such an
> obvious flaw in quite a number of programming languages, here's a good
> article on the recent security bug in iOS, which was due to accidentally
> duplicated code not actually being as indented as it looked:
>
> https://www.imperialviolet.org/2014/02/22/applebug.html
>
> Stefan
>
Well I can give an example where accidentally duplicated code can get
you in trouble with python and which would be easily caught in C.
If you accidentally duplicate the first half of a function. Chances
are python will just accept it, because it is unlikely the last line
that was duplicated was an if, for or while line. So your half
duplicated function is probably legal python.
However it is very unlikely that the braces will match so you will
very likely get a compilation error.
IMO the problem with C, is not that indentation is not part of the
language. The problem is that after an if, for or while, you get
the choice between putting either one simple statement or a block.
I doubt you would get this problem in a language like modula2 where
an if, for or while statement is always followed by a block, terminated
with "END". So with modula like syntax the code would have looked like
IF (err := SSLHashSHA1.update(&hashCtx, &signedParams)) != 0 THEN
goto fail;
goto fail;
END
which wouldn't have been a problem
Or it might have looked like this
IF (err := SSLHashSHA1.update(&hashCtx, &signedParams)) != 0 THEN
goto fail;
END
goto fail;
This would have produced the same problem but it would also have
stood out because the second goto is indented in a place where
it is obvious it doesn't match the program structure.
--
Antoon Pardon
--
https://mail.python.org/mailman/listinfo/python-list
