Recent CodeSOD

Code Snippet Of the Day (CodeSOD) features interesting and usually incorrect code snippets taken from actual production code in commercial and/or open source software projects.

Sep 2014

Stringify All the Things!

When Justin submitted this C# code, he knew what line to include in the subject line of the email to get our attention:

if (String.Empty == null) GC.KeepAlive(string.Empty);

A Pentester's Paradise

Tom works as a pentester and, as such, gets paid big bucks for finding flaws in his clients' websites, usually because he has to find less-than-obvious 'gotcha'-level flaws.

While testing a critical web application for a very large corporate client, he noticed some odd behavior surrounding a page that validates user logins.


Going Out of Style

The process of optimizing the CSS used in a web site can be quite complicated. The subtle interplay between selectors, attributes, specificity, inheritance and the DOM elements can significantly impact the outcome. Style guides can be a thing of elegant beauty, to be admired by many and revered by those steeped in the dark arts of styling.

Then there's the code that George found when he took on the task of migrating a 1990s-era web site. Nobody expects code from a 15-year-old web site to be up to current standards. But there are limits. George's spidey sense started tingling when he found a file named 'css.php'. A look inside didn't do anything to turn the alarm bells off.


Failure to Leap

When you're a developer like Joe, and your clients all have dedicated servers, and they all call at the same time to complain that their servers have gone down, you can't help but start hoping there was an earthquake. Unless the data center housing all that dedicated hardware was wiped off the face of the earth, the bug was going to be in your software. And sure enough, in the midst of the legacy C++ module responsible for processing the day's transactions, Joe found this:

bool done = false;
while(!done)
{
    try
    {
        //I'm not sure if having a log entry for the irregular
        //Febuary[sic] 29th will destroy everything else.
        //To be on the safe side, we'll just wait 'til tomorrow instead
        Date *currentDate = new Date();
        int DOY = currentDate->dayOfYear();
        if( DOY == 60 && //day 60 is feb 29
            ( lastDigit(currentDate->year()) == 0 ||
              lastDigit(currentDate->year()) == 4 ||
              lastDigit(currentDate->year()) == 8))
        {
            while(currentDate->dayOfYear() == 60) { currentDate = new Date(); }
        }
        else
        {
            //SNIP: code that actually runs part of the maintenance
            done = true;
        }
    }
    catch(...) {} //If we failed we need to try again until we succeed
}

The Erlking

Visual Basic’s error handling is its own special WTF in itself. For those that haven’t had to suffer through it, you can set the error-handling mode with a special On Error statement. For example, On Error Resume Next is a delightful statement that tells Visual Basic to simply ignore errors and continue execution. A good programmer will know to check errors with conditional statements.

More common is the On Error Goto ErrHandler approach. As the code implies, when an error occurs, this simply executes a goto to jump to a specific label, with all of the fun that goto statements normally include.


XXL XML

At his day job, Peter writes code for the manufacturing industry and, in doing so, works a lot with PLCs from GE. As of late, he's been working on an application that processes XML configuration files exported from GE's main programming IDE "Machine Edition" to generate extremely complex diagnostic information that the IDE doesn't provide. You know, things like, "Has that variable that you are using in a calculation ever been initialized?"

As he was looking through a 23,000-line configuration file that described the hardware setup of a particular project, Peter discovered 8,000 lines like the following that were used to store binary blob data.


Ancient Daze

Although we're professionals now, we all started out as humble students - wide-eyed and innocent of the ways of proper coding practices in the corporate world. Back then, everything was new, and we had no real way of knowing whether what we were looking at was wizardry or WTF.

When C. T. was still in school, he ran across a routine for validating dates. It was written in lowly assembler. He found it fascinating, and spent a great deal of time examining its innards. It was designed to run on a 32-bit machine that lacked multiply or divide instructions. It also did something else unusual for the day: it worked on four digit years.


Feeling Validated

Ugh... Address validation. Take some address strings, add to that a city, state, postal code, and country... make sure they all look syntactically 'valid' based on some business logic - it's not as easy as we'd hope to be able to handle EVERY possibility. But, no matter WHAT you come up with, I can guarantee that it's guaranteed to be much easier to digest than the block of validation code discovered by Mickey.

According to Mickey, there are a couple of special rules for this address validation that result in some of the WTF-ness. If an address is changed, and it's "close" to an existing address, then the user needs to be prompted to confirm the address. And this prompt shouldn't take place unless the address itself has been changed. Wanna bet that the user specification for 'close' included the phrase 'you know what I mean'? That's probably the reason why the code doesn't actually address the idea of 'closeness'... the developers are still waiting for the definition.


The Fizz Buzz from Outer Space

Matteo recently interviewed a candidate that was employed elsewhere as an “architect”. His responses to the standard soft-skills questions sounded a bit rehearsed, which made Matteo suspicious, so he started asking some more technical questions, like: “What’s the difference between an interface and an abstract class?”

“Well, in some logarithms, an interface is going to be internal to the system, but an abstract class has terminators that make it external.”