- Feature Articles
- CodeSOD
- Error'd
-
Forums
-
Other Articles
- Random Article
- Alex's Soapbox
- Announcements
- Best of…
- Best of Email
- Best of the Sidebar
- Bring Your Own Code
- Coded Smorgasbord
- Mandatory Fun Day
- Off Topic
- Representative Line
- News Roundup
- Editor's Soapbox
- Software on the Rocks
- Souvenir Potpourri
- Sponsor Post
- Tales from the Interview
- The Daily WTF: Live
- Virtudyne
Admin
password=new random(null);
Admin
He certainly didn't
for(c)that coming.Admin
C was already used as the variable name.
Admin
"A sailor went to C C C, "To C what he could C C C, "But all that he could C C C, "Was the bottom of the deep blue C C C."
That kind of pirate, I guess.
Addendum 2019-10-14 07:22: GDMF GDMF Stupid stupid stupid forum software.
"A sailor went to C C C,
"To C what he could C C C,
"But all that he could C C C,
"Was the bottom of the deep blue C C C."
Admin
TRWF is not using regex (never thought I'd say that!)
Admin
I get where you're coming from, but we have to try and remember that sometimes a regex is a perfectly cromulent solution.
Admin
While it's obvious there is a 'C' missing in UPPERCASE_LETTERS, UPPERCASE_LETTERS isn't used in the method countMatches. Remy: Function overloading- the call inside the method is passing a character, not a string, so it's calling a different countMatches method.
Admin
Captain Obvious here ... let's assume that countMatches is called with UPPERCASE_LETTERS as on the second input parameters to the method ... I guess it can still be messed up, but yeah. I only "C" the first reported WTF's.
Admin
Am I missing something or does the code as presented just throw a stack overflow exception after repeatedly calling
countMatcheson the first character ofcharlist?Admin
We joined the Navy To C the C And what did we C? We saw the C!
Admin
So much to comment on this...
Real Programmers use C, because it is the easiest language to spell.
Obviously this is not a Real Programmer, it looks a lot like Java (and I am all for it)...
Admin
Why not just implement a static {} block that fills the final static private field in a loop from A to Z? At least then you can maintain and debug that way more easily when you may have forgotten which letters start and finish the alphabet.
Admin
Fix this with
UPPERCASE_LETTERS = UPPERCASE_LETTERS ++C++
Admin
Umm, what? UPPER_CASE_LETTERS is never used in countMatches. And countMatches call itself recursively, passing the first characgter from the second parameter in to the inner call. So if the second parameter has at least one character, it will go into an infinite recursion loop.
Admin
My brain hurts now. What the hell is that snippet even supposed to be??
Admin
UPPER_CASE_LETTERS is the first charList passed in by whoever is calling this.
Then the countMatches in the loop is a DIFFERENT countMatches (notice the prefix).
Yes, it's all hideous. TRWTF as usual is not just doing a quick loop using the builtin .IsUpper() method. Whatever language/framework this is, it exists, I guarantee it. And then while you're doing that loop you can do the .IsNumber(), .IsSpecial(), blah blah blah because your password rules probably use those too.
Admin
Non-Latin uppercase characters anyone?
Admin
These clowns couldn't even handle Latin 'C', much less Ü.
Addendum 2019-10-14 15:58: Edit: I am somewhat surprised to see that this godforsaken commenting system actually handles Ü
Admin
StringUtils, btw, is that a class from the hideous library from a couple of days ago? I dare not look back, I need my eyesight for a few years longer.
Admin
I'm more surprised that it handles upper-case 'C'.
Admin
reminds me of an older story where someone tried to validate dates using the string "janfebmar-"...it would accept "anf" and "nfe" as valid!
Admin
Which should hopefully also let it handle non-English uppercase letters.
Admin
TRWTF is promoting hard-to-memorize passwords by demanding usage of multiple character classes (while being dreadfully monolingual), rather than promoting password length through passphrases. The hash of even the most complex short (<9 character) password is easily brute-forced by GPU's these days. https://pages.nist.gov/800-63-3/