What was the most dangerous programming mistake you have made in C?

Problem description

I am an intermediate C programmer. If you have made any coding mistake that you later came to know was the most hazardous / harmful to the whole application, please share that code or a description. I want to know this because in the future I may come across such situations and I want to have your advice to avoid such mistakes.

Recommended answer

A few years ago I got a call from my ex-colleague telling me about the problem he had to fix with my code, which was a router for credit card transactions.

A card number prefix consists of a 6-digit BIN (Bank Identification Number) and a few extra digits that banks use at their own discretion, e.g. a bank has the BIN for the Visa Classic card, 456789, and reserves 2 extra digits to indicate the sub-product, like 01 for a student's card, 02 for a co-branded card with a local department store and so on. In this case the card prefix, which is basically a product identifier, becomes 8 digits long. When I coded this part, I decided that 9 digits "ought to be enough for everyone". I was running ok for 2 years until one day the bank made a new card product with a 10-digit-long prefix (I have no idea why they needed it). It is not too hard to imagine what happened - the router segfaulted, the whole system halted because it cannot function without the transaction router, and all ATMs of that bank (one of the biggest in the country) became non-operational for a few hours, until the problem was found and fixed.

I cannot post the code here, firstly because I don't have it and secondly because it is copyrighted by the company, but it is not hard to imagine the strcpy() without checking the size of the target buffer.

As man strcpy says:

If the destination string of a strcpy() is not large enough (that is, if the programmer was stupid or lazy, and failed to check the size before copying) then anything might happen. Overflowing fixed length strings is a favorite cracker technique.

I was very embarrassed. It was a good time to commit seppuku :)

But I learned the lesson well and do not forget (usually :) ) to check the size of the target buffer. I wouldn't recommend you learn it the hard way - just develop a habit of checking the target buffer before strcpy() and strcat().

Edit: good suggestion from Healthcarel - use strncpy() rather than strcpy(). It doesn't add a trailing 0, but I usually use the following macro to get around it:

/* A must have room for C + 1 bytes: the terminator is written at index C */
#define STRNCPY(A,B,C) do { strncpy(A,B,C); A[C] = 0; } while (0)
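
The buffer check the answer recommends, as an added example that is not part of the original answer or the router's code: it contrasts a bounded copy that truncates with one that rejects an over-long prefix, since a truncated product prefix no longer identifies the product the bank issued. The struct, the function names and the sample prefixes are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define PREFIX_MAX_DIGITS 9  /* assumed limit: the 9 digits from the answer */

struct route_entry {                     /* hypothetical routing record */
    char prefix[PREFIX_MAX_DIGITS + 1];  /* +1 for the terminating NUL */
};

/* Bounded copy that truncates: no overflow, but the stored prefix can
 * differ from the one the bank issued. */
void prefix_copy_truncating(struct route_entry *e, const char *prefix)
{
    strncpy(e->prefix, prefix, PREFIX_MAX_DIGITS);
    e->prefix[PREFIX_MAX_DIGITS] = '\0';  /* strncpy does not terminate on truncation */
}

/* Bounded copy that rejects: returns 0 on success, -1 if the prefix is
 * empty, longer than the buffer allows, or contains a non-digit.
 * On failure the entry is left unchanged. */
int prefix_copy_checked(struct route_entry *e, const char *prefix)
{
    size_t len = strlen(prefix);

    if (len == 0 || len > PREFIX_MAX_DIGITS)
        return -1;
    for (size_t i = 0; i < len; i++)
        if (!isdigit((unsigned char)prefix[i]))
            return -1;
    memcpy(e->prefix, prefix, len + 1);   /* len + 1 copies the NUL too */
    return 0;
}

int main(void)
{
    /* Constructed sample values; only the BIN 456789 comes from the answer. */
    const char *ten_digit = "4567890199";
    struct route_entry a = { "" }, b = { "45678901" };

    prefix_copy_truncating(&a, ten_digit);
    printf("truncating: stored \"%s\" for \"%s\"\n", a.prefix, ten_digit);
    printf("checked:    rc=%d, entry still \"%s\"\n",
           prefix_copy_checked(&b, ten_digit), b.prefix);
    return 0;
}
```

With the rejecting version the caller sees the error when the 10-digit product is loaded and can log it or refuse the configuration, instead of crashing or storing a shortened prefix.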
