Recent CodeSOD

Code Snippet Of the Day (CodeSOD) features interesting and usually incorrect code snippets taken from actual production code in a commercial and/or open source software projects.

Mar 2021

A Query About Parsing

by in CodeSOD on

Query strings are, as the name implies, strings. Now, pretty much any web application framework is going to give you convenient access to the query string as a dictionary or map, because at the end of the day, it is just key/value pairs.

But what's the fun in that? Glen's application needed to handle query strings in the form: zones=[pnw,apac]&account_id=55. Now, enclosing the list in square brackets is a little odd, but actually makes sense when you see how they parse this:

A Warning Label

by in CodeSOD on

An anti-pattern I've seen too many times is using display text to drive logic. For example, I've see things like:

void btnClick(Object sender, EventArgs evt) { if (((Button)sender).Text.Contains("Done")) { … } }

Constant Success

by in CodeSOD on

Dan was reviewing some PHP code written by a co-worker, as part of taking on a project. The code was in “support” mode, rarely receiving changes, getting bug fixes only when absolutely necessary, and nobody really wanted to be the person responsible for it.

One of those “not absolutely necessary” bugs was that sometimes, it just didn’t save data. The user would enter a product listing, hit save, get a success message back, but the listing wouldn’t actually be saved. No one had really dug into it, because having the end user do double data entry didn’t bother anyone but the end user.

The Threat of Existence

by in CodeSOD on

Imagine, if you will, that you see a method called FileExists. It takes a string input called strPath, and returns a bool. Without looking at the implementation, I think you'd have a very good sense of what it's supposed to do. Why, you wouldn't even expect much documentation, because the name and parameters are really clear about what the method actually does.

Unless this method was in the C# codebase "AK" inherited. In that case, the behavior of FileExists might surprise you:

For Gotten About Loops

by in CodeSOD on

Today's sample comes from Vasiliy, with no real explanation for where it is, or where it comes from. Frankly though, it doesn't need much setup.

switch (checks) { case 0: return new object[] { checkerSummary }; case 1: return new object[] { "", checkerSummary }; case 2: return new object[] { "", "", checkerSummary }; case 3: return new object[] { "", "", "", checkerSummary }; case 4: return new object[] { "", "", "", "", checkerSummary }; case 5: return new object[] { "", "", "", "", "", checkerSummary }; case 6: return new object[] { "", "", "", "", "", "", checkerSummary }; case 7: return new object[] { "", "", "", "", "", "", "", checkerSummary }; case 8: return new object[] { "", "", "", "", "", "", "", "", checkerSummary }; case 9: return new object[] { "", "", "", "", "", "", "", "", "", checkerSummary }; case 10: return new object[] { "", "", "", "", "", "", "", "", "", "", checkerSummary }; case 11: return new object[] { "", "", "", "", "", "", "", "", "", "", "", checkerSummary }; case 12: return new object[] { "", "", "", "", "", "", "", "", "", "", "", "", checkerSummary }; case 13: return new object[] { "", "", "", "", "", "", "", "", "", "", "", "", "", checkerSummary }; case 14: return new object[] { "", "", "", "", "", "", "", "", "", "", "", "", "", "", checkerSummary }; case 15: return new object[] { "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", checkerSummary }; case 16: return new object[] { "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", checkerSummary }; case 17: return new object[] { "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", checkerSummary }; case 18: return new object[] { "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", checkerSummary }; case 19: return new object[] { "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", checkerSummary }; case default: return new object[] { checkerSummary }; }

Reaching for Private Parts

by in CodeSOD on

Jaco was adding some caching to a Java application. Quite wisely, Jaco wrote plenty of tests around his change, ran the test suite, and confirmed everything was green. It ran fine in testing, but when it went to production, everything failed.

Well, as it turned out, the configuration for the production environment loaded slightly different Java classes. One of those "only-loaded-in-production" modules did this:

Not Exceptional

by in CodeSOD on

One of the powers of structured exception handling is that it lets you define your own exception types. That's useful, as your code can communicate a lot of information about what's gone wrong when you use your own custom exceptions.

But sometimes, the custom exception type leaves us asking more questions. Christophe found this Java code from a "big application for a big company".

Two Knowing Comments

by in CodeSOD on

Sometimes, it really is the comment which makes the code. Sometimes, the comments make simple (but still more complex than it needs to be) code less clear.

For example, Thomas provides this code, and comment, which… I understand what is happening here, despite the comment:

A Big Raise

by in CodeSOD on

Everyone likes getting a pay raise. Well, I suppose it depends on why. And HR isn't going to be too happy about your raise if it comes as the result of an easy-to-avoid software bug.

Cédric V's company makes payroll software mostly used in and around France. One of their customers had a problem: when paying employees, it would give them a significant raise- sometimes by two orders of magnitude, rarely by three or four.

A Range of Skills

by in CodeSOD on

Ulvhamne works on a team with over a hundred other developers. It's a big group, working on a huge project. And some of the quality in that code base gets… variable. Worse, when a bug pops up, it can be tricky to even identify what in the code is triggering the bug, let alone what the root cause is.

For example, one of the config-file fields needed a number to specify the beginning and end of a range. If you put in a relatively short range- thousands or hundreds of values- everything worked fine. That was a pretty typical use case. But if you put in something closer to MAX_INT, everything worked fine for a little bit, but within moments the server would grind to a halt, memory would fill up, and the OS would hang as it ended up constantly thrashing pages to disk.

A Type of Code

by in CodeSOD on

Like the war between Emacs and Vim, developers also tend to wage a war between "strongly typed" and "loosely typed" languages. There are tradeoffs either way, and I think that's why you see things like TypeScript and Python's type annotations starting to creep into loosely typed languages- types when you need them, but not required. But if you're not comfortable with types, and don't really understand type casting, you might start writing some code like, well, like these examples.

Sashi found this C# code:

Leave Some Comments Behind

by in CodeSOD on

We have a lot of stories about the code coming from offshore/outsourced developers being of low quality. Today, Radu S sends us the reverse. He used to work for one of those offshore development shops. A customer started development in-house, and then decided that they didn't want to support their own code anymore, and shipped it off to Radu's company.

This block represents what he's working with:

Last One In

by in CodeSOD on

A lesson that everyone learns at some point is "don't write your own authentication code." Authentication, like encryption, and like dates, is incredibly complex and has all sorts of ways you can subtly mess it up and not realize your mistake.

Take, for example, this code from Christopher. His peer wrote this code, added a single test record to the database, saw that it worked, and called it a day.

Double Your Value

by in CodeSOD on

There are many ways to debug your code. You might use an actual graphical debugger, wrestle with GDB, just spam print statements, or rely on a logging framework to help you generate useful diagnostic output.

Since you're going to need some logging output no matter what, it's always good to heavily instrument your code. Using logging levels, you can control quite well what gets dumped when. Well, "LostLozz" had a co-worker who found an… interesting way to control logging.

The Secret to Success

by in CodeSOD on

"I was once working for a company that primarily dealt with Oracle products," Tai writes.

That vendor, who shall not be named again, provided an installer. Tai ran it, and it failed. Since the installer was a shell script, she opened up the file and took a look.

A Terned Around Discount

by in CodeSOD on

If you browse the Errords, it's easy to see that "giving customers a discount" is apparently harder than it looks.

Brian's company had one of those "discounts are hard" problems, way back when. Sometimes instead of a discount reducing the price, it would raise it. The root cause was that the sales team setting up the promotions weren't clear about whether the discount amount should be a negative or positive number. Instead of adding validation to ensure they always entered a negative (or at least, a zero amount), one of Brian's predecessors fixed the bug in their C# like this: