Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is a perfect example of why we shouldn't have (or not allowing the use of) ++ in languages. If instead of being buried in a long statement, the increment had been explicit on its own line there's a much smaller chance this bug would have happened.

Which is easier to miss?

aes_ctr(&encr_aes->key, encr_aes->nonce++, buf, len, filebuf + CRYPTO_FILE_HLEN);

or

aes_ctr(&encr_aes->key, encr_aes->nonce, buf, len, filebuf + CRYPTO_FILE_HLEN);

ncr_aes->nonce += 1;

?



Python has this feature. But if you want to get serious, eliminate [1] all side-effects like Haskell.

[1] Or rather, make all side effects explicit---including visible to the type system.


Golang does that, right (++ is a statement, not an expression)?


Yes. Go's assignments, increments, etc cannot be used as expressions.


For better or worse I've been working on the same codebase for almost a decade; now whenever I patch the code I've got half an eye on how likely it is that I or someone else could accidentally break this code in the future.

If you've got to write code that's not allowed to fail, you can't afford set up little traps like this for yourself.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: