Recent CodeSOD

Code Snippet Of the Day (CodeSOD) features interesting and usually incorrect code snippets taken from actual production code in a commercial and/or open source software projects.

Apr 2024

Finding the Right Size

by in CodeSOD on

Zeke sends us a C# snippet from an extract-transform-load process his company uses. It's… special.

private void ResizeColumn(string table, string column, int minSize)
{
    if(null == _connection) return;

    string sqlReadSize = "SELECT DATA_LENGTH,DATA_TYPE,DATA_PRECISION,DATA_SCALE FROM USER_TAB_COLS WHERE TABLE_NAME = '" + table.ToUpper() + "' AND COLUMN_NAME = '" + column.ToUpper() + "'";
    string data_length = "";
    string data_type = "";
    string data_precision = "";
    string data_scale = "";
    string sizeInfo = minSize.ToString();
    
    IDataReader r = null;

    try
    {
        r = _connection.DbAccessor.ExecuteSqlText.ExecuteReader(sqlReadSize);
        if(null != r && r.Read())
        {
            if(!r.IsDBNull(0)) data_length = Convert.ToString(r[0]);
            if(!r.IsDBNull(1)) data_type = Convert.ToString(r[1]);
            if(!r.IsDBNull(2)) data_precision = Convert.ToString(r[2]);
            if(!r.IsDBNull(3)) data_scale = Convert.ToString(r[3]);

            r.Close();
            r = null;

        }
    }
    catch(Exception ex)
    {
        System.Diagnostics.Debug.WriteLine(ex.Message);
        return;
    }
    finally
    {
        if(null != r)
        {
            r.Close();
            r = null;
        }
    }
    if(data_type == "NUMBER")
    {
        return;
    }

    if(data_type == "DATE")
    {
        return;
    }

    if(data_type == "CLOB")
    {
        return;
    }

    if(data_type == "BLOB")
    {
        return;
    }
    
    if(minSize <= Convert.ToInt32(data_length))
    {
        return;
    }

    string sqlAlterSize = "ALTER TABLE " + table + " modify " 
        + column.ToUpper() + " " + data_type + "(" + sizeInfo + ")";


    try
    {
        _connection.DbAccessor.ExecuteSqlText.ExecuteScalar(sqlAlterSize);
    }
    catch(Exception ex)
    {
        System.Diagnostics.Debug.WriteLine(ex.Message);
        return;
    }
}

Article tF7q2

by in CodeSOD on

When I first saw Nick L's submission, I thought to myself, "This is just decompiled code, so of course the names are bad."

 Public Function tF7q2() As String
     Dim SelectedtF7q2 As String = Request.QueryString("tF7q2")
     tF7q2 = SelectedtF7q2
 End Function

Unaccountable Counting

by in CodeSOD on

Ulvhamne sends us some bad code that, well, I think at this point we should really coin a name for this particular anti-pattern.

    @Override
    public int getNumOfItemsInDataContainer(int parDataId)
    {
        int numberOfItems = 0;
        for (Integer x : myTransactionDataContainerMap.keySet())
        {
                numberOfItems ++;
        }
        return numberOfItems;
    }

Query Query Query

by in CodeSOD on

Bob's employer had a data-driven application which wasn't performing terribly well. They had some in-house database administrators, but their skills were more "keep things running," and less "do deep optimizations". The company opted to hire a contract DBA to come in, address the performance problems, and leave.

In actual fact, the DBA came in, ran some monitoring, and then simply wrote some guidance- generic, and frankly useless guidance. "Index on frequently queried fields," and "ensure database statistics are gathered on the appropriate schedule."


An Obsolete Approach

by in CodeSOD on

Marcus's team was restructuring the API, and the architect thus wanted a number of methods marked obsolete, to encourage developers to move to the new version of the API. So the architect created a Jira task, assigned it to a dev, and moved on.

Somehow, this C# code got committed and merged, despite being code reviewed:


Concrapenate Strings

by in CodeSOD on

As oft discussed, null-terminated C-style strings are an endless source of problems. But there's no problem so bad that it can't be made worse by a sufficiently motivated developer.

Today's rather old code comes from Mike, who inherited an old, MFC application. This code is responsible for opening a file dialog, and the key goal of the code is to configure the file filter in that dialog. In MFC, this is done by passing a delimited string containing a caption and a glob for filtering. E.g., "Text Files (.txt) | *.txt" would open a dialog for finding text files.


A List of Mistakes

by in CodeSOD on

Yesterday we talked about bad CSS. Today, we're going to talk about bad HTML.

Corey inherited a web page that, among other things, wanted to display a bulleted list of links. Now, you or I might reach for the ul element, which is for displaying bulleted lists. But we do not have the galaxy sized brains of this individual:


Classical Design

by in CodeSOD on

There is a surprising amount of debate about how to use CSS classes. The correct side of this debate argues that we should use classes to describe what the content is, what role it serves in our UI; i.e., a section of a page displaying employee information might be classed employee. If we want the "name" field of an employee to have a red underline, we might write a rule like:

.employee .name { text-decoration: underline red; }

A Small Partition

by in CodeSOD on

Once upon a time, I was tuning a database performance issue. The backing database was an Oracle database, and the key problem was simply that the data needed to be partitioned. Great, easy, I wrote up a change script, applied it to a test environment, gathered some metrics to prove that it had the effects we expected, and submitted a request to apply it to production.

And the DBAs came down on me like a sledgehammer. Why? Well, according to our DBAs, the license we had with Oracle didn't let us use partitioning. The feature wasn't disabled in any way, but when an Oracle compliance check was performed, we'd get dinged and they'd charge us big bucks for having used the feature- and if we wanted to enable it, it'd cost us $10,000 a year, and no one was willing to pay that.


A Top Level Validator

by in CodeSOD on

As oft stated, the specification governing email addresses is complicated, and isn't really well suited for regular expressions. You can get there, but honestly, most applications can get away with checking for something that looks vaguely email like and call it a day.

Now, as complicated as the "accurate" regex can get, we can certainly find worse regexes for validating emails. Morgan did, while on a contract.


To Tell the Truth

by in CodeSOD on

So many languages eschew "truth" for "truthiness". Today, we're looking at PHP's approach.

PHP automatically coerces types to a boolean with some fairly simple rules:

  • the boolean false is false
  • the integer 0 is false, as is the float 0.0 and -0.0.
  • empty strings and the string "0" are false
  • arrays with no elements are false
  • NULL is false
  • objects may also override the cast behavior to define their own
  • everything else is true

Terminated By Nulls

by in CodeSOD on

Strings in C are a unique collection of mistakes. The biggest one is the idea of null termination. Null termination is not without its advantages: because you're using a single byte to mark the end of the string, you can have strings of arbitrary length. No need to track the size and worry if your size variable is big enough to hold the end of the string. No complicated data structures. Just "read till you find a 0 byte, and you know you're done."

Of course, this is the root of a lot of evils. Malicious inputs that lack a null terminator, for example, are a common exploit. It's so dangerous that all of the str* functions have strn* versions, which allow you to pass sizes to ensure you don't overrun any buffers.


They Key To Dictionaries

by in CodeSOD on

It's incredibly common to convert objects to dictionaries/maps and back, for all sorts of reasons. Jeff's co-worker was tasked with taking a dictionary which contained three keys, "mail", "telephonenumber", and "facsimiletelephonenumber" into an object representing a contact. This was their solution:

foreach (string item in _ptAttributeDic.Keys)
{
string val = _ptAttributeDic[item];
switch (item)
{
    case "mail":
    if (string.IsNullOrEmpty(base._email))
        base._email = val;
    break;
    case "facsimiletelephonenumber":
    base._faxNum = val;
    break;
    case "telephonenumber":
    base._phoneNumber = val;
    break;
}
}

A Valid Applicant

by in CodeSOD on

In the late 90s into the early 2000s, there was an entire industry spun up to get businesses and governments off their mainframe systems from the 60s and onto something modern. "Modern", in that era, usually meant Java. I attended vendor presentations, for example, that promised that you could take your mainframe, slap a SOAP webservice on it, and then gradually migrate modules off the mainframe and into Java Enterprise Edition. In the intervening years, I have seen exactly 0 successful migrations like this- usually they just end up trying that for a few years and then biting the bullet and doing a ground-up rewrite.

That's is the situation ML was in: a state government wanted to replace their COBOL mainframe monster with a "maintainable" J2EE/WebSphere based application. Gone would be the 3270 dumb terminals, and here would be desktop PCs running web browsers.


Gotta Catch 'Em All

by in CodeSOD on

It's good to handle any exception that could be raised in some useful way. Frequently, this means that you need to take advantage of the catch block's ability to filter by type so you can do something different in each case. Or you could do what Adam's co-worker did.

try
{
/* ... some important code ... */
} catch (OutOfMemoryException exception) {
        Global.Insert("App.GetSettings;", exception.Message);
} catch (OverflowException exception) {
        Global.Insert("App.GetSettings;", exception.Message);
} catch (InvalidCastException exception) {
        Global.Insert("App.GetSettings;", exception.Message);
} catch (NullReferenceException exception) {
        Global.Insert("App.GetSettings;", exception.Message);
} catch (IndexOutOfRangeException exception) {
        Global.Insert("App.GetSettings;", exception.Message);
} catch (ArgumentException exception) {
        Global.Insert("App.GetSettings;", exception.Message);
} catch (InvalidOperationException exception) {
        Global.Insert("App.GetSettings;", exception.Message);
} catch (XmlException exception) {
        Global.Insert("App.GetSettings;", exception.Message);
} catch (IOException exception) {
        Global.Insert("App.GetSettings;", exception.Message);
} catch (NotSupportedException exception) {
        Global.Insert("App.GetSettings;", exception.Message);
} catch (Exception exception) {
        Global.Insert("App.GetSettings;", exception.Message);
}

Exceptional Feeds

by in CodeSOD on

Joe sends us some Visual Basic .NET exception handling. Let's see if you can spot what's wrong?

Catch ex1 As Exception

    ' return the cursor
    Me.Cursor = Cursors.Default

    ' tell a story
    MessageBox.Show(ex1.Message)
    Return

End Try