Florian’s office has a “rule of ten”. Well, they don’t, but one of Florian’s co-workers seems to think so. This co-worker has lots of thoughts. For example, they wrote this block, which is supposed to replace certain characters with some other characters.

sbyte sbCount = 0;
// set value of new field content to old value
sNewFieldContent = sFieldContent;
while (rFieldIdentifierRegex.Match(sNewFieldContent).Success) {

        // for security reasons
        if (++sbCount > 10)
                break;

        // get identifier and name
        string sActFieldSymbol = rFieldIdentifierRegex.Match(sNewFieldContent).Groups[1].Value;
        string sActFieldName = rFieldIdentifierRegex.Match(sNewFieldContent).Groups[2].Value;
        string sActFieldIdentifier = sActFieldSymbol + sActFieldName;

        // default value for unknown fields is an empty string
        string sValue = "";

        [... calculate actual replacement value ...]

        // replace value for placeholder in new field content
        sNewFieldContent = sNewFieldContent.Replace(sActFieldIdentifier, sValue);
}

As Florian puts it:

Having more matches than 10 inside one line is obviously a security risk (it isn’t) and must be prohibited (it mustn’t) because that would cause erroneous behavior in the application (it doesn’t).
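A single-pass version of the replacement loop, added here as an example (it is not code from Florian's office), shows that termination does not need an iteration counter: `Regex.Replace` with a match evaluator visits each placeholder once and never rescans the text it inserts. The placeholder syntax, the `FieldExpander` class and the `values` lookup are assumptions, since the page shows neither the regex nor how replacement values are calculated.

```csharp
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;

static class FieldExpander
{
    // Assumed placeholder syntax: a symbol ($ or #) followed by a name.
    // The match timeout bounds regex evaluation time on hostile input.
    static readonly Regex FieldIdentifier = new Regex(
        @"([$#])(\w+)", RegexOptions.CultureInvariant, TimeSpan.FromMilliseconds(250));

    // One left-to-right pass: every placeholder is visited exactly once and
    // replacement text is never rescanned, so the work is bounded by the
    // input length and a value that contains a placeholder cannot loop.
    public static string Expand(string content, IReadOnlyDictionary<string, string> values)
    {
        return FieldIdentifier.Replace(content, m =>
        {
            string identifier = m.Groups[1].Value + m.Groups[2].Value;
            // Default value for unknown fields is an empty string, as in the original.
            return values.TryGetValue(identifier, out string value) ? value : "";
        });
    }

    static void Main()
    {
        // Constructed sample: 12 distinct placeholders, more than the loop's cap of 10.
        var values = new Dictionary<string, string>();
        var parts = new List<string>();
        for (int i = 1; i <= 12; i++)
        {
            values["$f" + i] = "v" + i;
            parts.Add("$f" + i);
        }
        // A value that itself looks like a placeholder; it is emitted verbatim.
        values["$f12"] = "$f12";

        string expanded = Expand(string.Join(",", parts), values);
        Console.WriteLine(expanded);
    }
}
```

The original loop stops after ten iterations, so it would leave the last two placeholders of this sample in the output without reporting anything.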
