Peace For All

September 27, 2006

Response to: Making a mountain out of a molehill (of bugs)

Filed under: Programming, technology — Devlin Bentley @ 1:58 pm

Letting bugs pile up is bad. This should be obvious.

My internship last year was lucky in two ways. The first was that the company was in a bug squishing phase, so I could count on feedback to my bug reports sometimes in a manner of hours.

The second bit of luck was that as a developer, I was able to gain a comprehension of the underlying foundations of the system. Using this comprehension, I was able to break the system in many creative and painful ways.

Examples include realizations that a particular operation was not truly atomic (DB corruption issues), to my favorite when I caused a buffer overflow by installing the Japanese Language Pack and started writing hiragana characters in to fields that expected just English text.

The Japanese exploit was my favorite one, if solely because it allowed me the opportunity to witness first hand (but not have to be involved in the fixing of!) the results of making assumptions about a user’s nationality, and about something so simple as how big a char should be. Using Unicode 100% through an application can be difficult, it only takes a single call to a function in some API that assumes 8 bit chars to break everything. Of course everyone knows that by now, but who actually tests it to that extreme?

Giving bug reporters quick feedback is essential for a programming team to do. QA is your enemy, and they are also your best friends. Remember that QA’s job is to poke you with a sharp stick now, so that you do not end up blowing off your entire leg with a shotgun later on down the line!

Advertisements

1 Comment »

  1. Thanks for the response to Making a mountain out of a molehill.

    Comment by engtech — September 27, 2006 @ 2:28 pm


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: