Recent CodeSOD

Code Snippet Of the Day (CodeSOD) features interesting and usually incorrect code snippets taken from actual production code in commercial and/or open source software projects.

Jun 2022

If You Switch

Switches are great. Given a value, you can switch to different code paths based on that value. The problem is… what if you have other conditions too?

Well, Hubert's co-worker found a way around that. Here's a heavily anonymized version of the pattern.


By Template

Kimberly L sends us an example of what is clearly template-generated code, so I think this is an opportunity to go on a rant.

Now, the important thing to note here is that this code was in a packaged library that they were considering using.


Heading On Out

Madeline inherited some Python 2.7 code, with an eye towards upgrading it to a more modern Python version. This code generates CSV files, and it's opted to do this by cramming everything into a 2D array in memory and then dumping the array out with some join operations, and that's the real WTF, because that's a guaranteed way to generate invalid CSV files. Like so many things, CSV files are actually way more complicated than people think.

But we're going to focus in on a smaller subset of this pile of WTFs. I'll lead with the caveat from Madeline: "I've changed some of the variable names around, for a bit of anonymity, but couldn't get variable names quite as terrible as the original ones."


Show Thumbnails?

Christopher Walker continues to struggle against ancient PHP applications in the automotive industry. With the point system behind him, there was a whole pile of internal applications for handling information about laws, misconceptions about the law, and other driver services.

One, a home-grown CMS, was useful for publishing blog-style content about changes in the law. There was just one problem: if a post was published without a thumbnail, attempts to view that post failed with an error. It wasn't hard to find the offending line.


Spellchucker

There's an old saying in programming: you don't have to spell correctly, you only have to spell consistently. As long as you mispell everything the same way, your language will understand your code. Most editors and IDEs have spell-check integration, though, because it's hard to get everyone on a team to spell things wrong consistently.

Unless, of course, you just implement some bonus methods, like John's co-worker. This was frequently spammed in the Java codebase:


Classic WTF: Pure Eval

We close out our week with something evil. Something… eval. Original. --Remy

When Jeff saw a line like this one, he knew there was something terribly wrong in the code he had inherited.

eval(Application("buildCommon").toString());


Re-Ports

Crystal Reports falls into that category of tool which promises to help end users accomplish technical tasks easily. They can point it at a database, ask the database a question, and voila, a report pops out, complete with pretty fonts and colors.

Like any such tool, however, there's a point where it starts getting technical. Jon's company passed that point ages ago, and hired on a dedicated Crystal Reports Developer to write reports that were too complicated for the end users. But even that has its limits, and eventually, their reporting needs outgrew what a Crystal Report implemented by their dedicated developer could do.


Query Lockup

Another day, another time where someone from Brian's team needs to log into their MySQL database and kill a query. This particular query hangs while holding a lock, which hangs up every other query which needs to touch this table, which is a lot of them.

select count(*) INTO @fullCount
FROM SALLSTDM
LEFT OUTER JOIN BUYBIDMB ON (MBBUYNBR = 597436 AND MBLOTNBR = SLLOTNBR)
INNER JOIN LOTFILFL FL1 ON (FL1.FLFILTYP = 'A1' AND FL1.FLLOTNBR = SALLSTDM.SLLOTNBR )
INNER JOIN LOTFILFL FL2 ON (FL2.FLFILTYP = 'A1' AND FL2.FLLOTNBR = SALLSTDM.SLLOTNBR )
INNER JOIN LOTFILFL FL3 ON (FL3.FLFILTYP = 'A1' AND FL3.FLLOTNBR = SALLSTDM.SLLOTNBR )
INNER JOIN LOTFILFL FL4 ON (FL4.FLFILTYP = 'A1' AND FL4.FLLOTNBR = SALLSTDM.SLLOTNBR )
INNER JOIN LOTFILFL FL5 ON (FL5.FLFILTYP = 'A1' AND FL5.FLLOTNBR = SALLSTDM.SLLOTNBR )
INNER JOIN LOTFILFL FL6 ON (FL6.FLFILTYP = 'A1' AND FL6.FLLOTNBR = SALLSTDM.SLLOTNBR )
INNER JOIN LOTFILFL FL7 ON (FL7.FLFILTYP = 'A1' AND FL7.FLLOTNBR = SALLSTDM.SLLOTNBR )
INNER JOIN LOTFILFL FL8 ON (FL8.FLFILTYP = 'A1' AND FL8.FLLOTNBR = SALLSTDM.SLLOTNBR )
INNER JOIN LOTFILFL FL9 ON (FL9.FLFILTYP = 'A1' AND FL9.FLLOTNBR = SALLSTDM.SLLOTNBR )
INNER JOIN LOTFILFL FL10 ON (FL10.FLFILTYP = 'A1' AND FL10.FLLOTNBR = SALLSTDM.SLLOTNBR )
WHERE 1=1 AND SALLSTDM.SLYRDNBR not in(450,451,452)

Mostly Okay

Taffer is the team lead on a team making security products. As such, they have very strict policies about how they write their code, they have very thorough code review systems, and they also have automated tests for everything.

And yet, things can still slip through.


onFunctionCall

Annalise has a pile of… unfortunate JavaScript. It's thousands of files with no real organization or logic behind their organization. It's got so much tech debt that it takes a full time developer just to keep it running, let alone provide support or add features or fix bugs. And the backlog of features and bugs is so long that it's best described in terms of א.

Which is to say, there's a lot in there that nobody understands. So when you see a bunch of callbacks registered to onFunctionCall, you might assume that this handler is doing… something. You'd be wrong.


True Enough

Managing true and false values is historically challenging. In the world of C, there's even a history to those challenges. Prior to the C99 standard, there wasn't a standardized version of boolean values, but there was a convention which most applications followed, based on how C conditionals and boolean logic work.

In C, anything non-zero is considered "true". So, if(0) { … } won't execute the branch, but if(99) { … } will. As a result, when people wanted to make boolean equivalents, they'd use the C preprocessor to specify something like: