On 3/2/14 5:41 AM, Stefan Behnel wrote:
Haven't seen any mention of it on this list yet, but since it's such an
obvious flaw in quite a number of programming languages, here's a good
article on the recent security bug in iOS, which was due to accidentally
duplicated code not actually being as indented as it looked:
https://www.imperialviolet.org/2014/02/22/applebug.html
Stefan
As much as I like indentation as syntax, and am amused by this bug, I'm
not sure we can chalk it all up to space-vs-brace. After all, who would
have wanted two goto's in a row even with braces? It's not like there's
some engineer at Apple who meant for the code to read like this:
if ((err = SSLHashSHA1.update(&hashCtx, &signedParams)) != 0) {
goto fail;
goto fail;
}
This looks to me like a poorly handled merge conflict maybe? I wonder
if we'll ever get the details.
--
Ned Batchelder, http://nedbatchelder.com
--
https://mail.python.org/mailman/listinfo/python-list
