Safe coding practices (was Re: Bug in users command)
Bob Manson
manson at iguana.cis.ohio-state.edu
Sun Jan 27 08:49:09 AEST 1991
In article <60 at garth.UUCP> smryan at garth.UUCP (Steven Ryan) writes:
>Recompile what? Is the source always available? Is the build process
>properly documented and all build files available? Is the routine
>coded so that Joe Average can fix, recompile, and continue in five
>minutes? Do you what Joe Average is going to think of you afterwards?
I know what I thought of the "person" that hard-coded a limit on
the # of /etc/magic entries in AT&Ts file program...and it wasn't
kind. No, I didn't have source. No, I couldn't recompile. The
solution was to write a replacement that didn't have any such
stupid limit coded in it.
>Why is it difficult for so-called programmers to avoid arbitrary limits?
Because they don't care. I've met several people who call themselves
"programmers" that think writing portable, reasonably limit-free code
is a joke. They've just got a job to get done, a hacky piece of code
to be written, and they don't care what it looks like or if it'll work
a year from now.
I tend to write any program as if I were going to show it to someone
else, someone who could appreciate it and say "That's a really sharp
implementation" as opposed to "Who wrote this piece of shit?" I tend
to do this simply because I've had to port a wide range of software to
various machines, and I can't say that I was pleased to have worked on
most of it. I really don't want someone calling me some of the names
I've been calling others.
You think 1000 users is a large number in a users program? Suppose I
decide to start recording all users over a large network in my utmp
file? (Wouldn't that be nice...how I hate rwho.) I'll bet that in a
few years, 1000 will be far too small....and I won't be able to
recompile your program, because let's face it, 99.9% of all Unix
distributors don't give source. So get a grip, take the time to create
data structures that don't involve fixed-sized arrays, and a lot of
people will be much happier with you. I know it's hard to think that
not everyone has two machines & 10 users, but it's true.
>...!uunet!ingr!apd!smryan Steven Ryan
Bob
manson at cis.ohio-state.edu
More information about the Comp.bugs.4bsd.ucb-fixes
mailing list