On Sun, Mar 2, 2014 at 2:38 PM, Roy Smith <r...@panix.com> wrote:
> In article <mailman.7568.1393756930.18130.python-l...@python.org>,
> Stefan Behnel <stefan...@behnel.de> wrote:
>
>> Haven't seen any mention of it on this list yet, but since it's such an
>> obvious flaw in quite a number of programming languages, here's a good
>> article on the recent security bug in iOS, which was due to accidentally
>> duplicated code not actually being as indented as it looked:
>>
>> https://www.imperialviolet.org/2014/02/22/applebug.html
>>
>> Stefan
>
> Hogwash. What this looks like is two gotos in a row. Anybody who
> reviewed this code would have thrown up a red flag when they saw two
> gotos in a row. If anything, the "incorrect" indentation makes it even
> more obvious. Any static code analyzer would have also caught this as
> an unreachable statement.
>
> Paraphrasing this into Python, you get:
>
> def bogus():
> if SSLHashSHA1.update(hashCtx, serverRandom) != 0:
> raise fail
> if SSLHashSHA1.update(hashCtx, signedParams) != 0:
> raise fail
> raise fail
> if SSLHashSHA1.final(hashCtx, hashOut) != 0:
> raise fail
>
> which is syntactically valid (at least, I can import it), but clearly
> not what the author intended. So how did Python's indentation rules
> save us?
Actually, that's incorrect. The bug (written in Python) would have been:
if SSLHashSHA1.update(hashCtx, signedParams) != 0:
raise fail
raise fail # ie. no indent.
If written with the indent, it's a useless line of code, but it
doesn't become a bug.
--
https://mail.python.org/mailman/listinfo/python-list
