Y
Hacker News
new
|
ask
|
show
|
jobs
by
akira2501
909 days ago
> or make assignments not be an expression,
Or just reverse the expression:
0 == curent->uid
So that the bug case is an error:
0 = current->uid
1 comments
layer8
909 days ago
Yes, that is well known, but it doesn’t prevent the issue in TFA.
link
akira2501
909 days ago
How does it not? Applied literally to the article, it would have turned this backdoor into a compile time error.
link
umanwizard
909 days ago
Because you can’t trust the person backdooring your code to help you out by writing in this style.
link
akira2501
909 days ago
Yes, they could literally violate the coding style, but presumably, that would draw more attention to what they've done, not less.
link