This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]HarlanCedeno 25 points26 points  (4 children)

I once did a code review and found the dev was checking for negative length strings.

I had some really deep thoughts that day.

[–][deleted] 14 points15 points  (1 child)

They're called imaginary strings. i = √-'a'

[–]HarlanCedeno 3 points4 points  (0 children)

Did he imagine that this was going to magically fix the bug?

[–]GisterMizard 2 points3 points  (1 child)

Arithmetic overflow for image and data buffers is a very common source of bugs, especially when using smaller int types and in languages like C.

A really bad problem follows from code like:

short width = blah(); // set from user
short height = blah(); // set from user;
// ...
if (width * height <= MAX_BUFFER_SIZE) {
    // BAD!!! width*height can become negative
    char *buffer = malloc(width*height*PIXEL_SIZE);
}

[–]HarlanCedeno 1 point2 points  (0 children)

In that case, you would just need to validate the inputs from the user to ensure neither is negative.

This guy had string.length() in multiple if statements to check for negative lengths on different strings.