Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > C++ > Leighs code comfirmed insecure.

Reply
Thread Tools

Leighs code comfirmed insecure.

 
 
Paul
Guest
Posts: n/a
 
      04-29-2011
If Leigh'd been able to communicate properly he would've learned something
because what I was trying to explain to him about his code was that his
templates do no type checking.
The code he presented has big fancy templates that look very professional
with charT and traits parameteters, all in avery similar in style to the C++
std lib. But they only look good, they don't actually do anything, all his
templates do is open the functions to accept almost anytype.
If his templates had any real value they'd ensure typechecking and enhance
the security of the functions making code more robust and catch more errors
at compile time.

Here is an example of just how misleading Leighs code can be , and an
example of how he presents himself as some expert and makes his code appear
professional, but its actually very easy to hack and break.

By displaying these flaws in Legihs code I do not intend to harm him or
attack him in person , I did originally attempt to have a resonable
discussion about the code, but as you can see from other threads I was
attacked with an onslaught of personal abuse.


#include <iostream>
#include <vector>
#include <string>
#include <algorithm>


template <typename FwdIter1, typename FwdIter2, typename ResultContainer>
inline FwdIter1 tokens(FwdIter1 aFirst, FwdIter1 aLast, FwdIter2
aDelimeterFirst, FwdIter2 aDelimiterLast, ResultContainer& aTokens,
std::size_t aMaxTokens = 0, bool aSkipEmptyTokens = true, bool
aDelimeterIsSubsequence = false)
{
if (aFirst >= aLast)
return aFirst;
typedef typename ResultContainer::value_type value_type;
if (aDelimeterFirst == aDelimiterLast)
{
aTokens.push_back(value_type(aFirst, aLast));
return aLast;
}
FwdIter1 b = aFirst;
FwdIter1 e = aDelimeterIsSubsequence ? std::search(b, aLast,
aDelimeterFirst, aDelimiterLast) : std::find_first_of(b, aLast,
aDelimeterFirst, aDelimiterLast);
std::size_t tokens = 0;
while(e != aLast && (aMaxTokens == 0 || tokens < aMaxTokens))
{
if (b == e && !aSkipEmptyTokens)
{
aTokens.push_back(value_type(b, b));
++tokens;
}
else if (b != e)
{
aTokens.push_back(value_type(b, e));
++tokens;
}
b = e;
for (std::size_t i = aDelimeterIsSubsequence ?
std::distance(aDelimeterFirst, aDelimiterLast) : 1; i > 0; --i)
++b;
e = aDelimeterIsSubsequence ? std::search(b, aLast, aDelimeterFirst,
aDelimiterLast) : std::find_first_of(b, aLast, aDelimeterFirst,
aDelimiterLast);
}
if (b != e && (aMaxTokens == 0 || tokens < aMaxTokens))
{
aTokens.push_back(value_type(b, e));
b = e;
}
return b;
}

template <typename CharT, typename Traits, typename Alloc, typename
ResultContainer>
inline void tokens(const std::basic_string<CharT, Traits, Alloc>&
aLine, const std::basic_string<CharT, Traits, Alloc>& aDelimeter,
ResultContainer& aTokens, std::size_t aMaxTokens = 0, bool
aSkipEmptyTokens = true, bool aDelimeterIsSubsequence = false)
{
tokens(aLine.begin(), aLine.end(), aDelimeter.begin(),
aDelimeter.end(), aTokens, aMaxTokens, aSkipEmptyTokens,
aDelimeterIsSubsequence);
}


class Foo{
public:
Foo(){;}
Foo(char* arg1, char* arg2){security_breaker();}
Foo(const Foo& rhs){;}
~Foo(){}
void security_breaker(){std::cout<<"code does what it likes.....\n";}
};

int main(){
std::vector<Foo> v1;
char c[4] = {'A','B','\0','D'};
double arr[5];

tokens(c, c+sizeof(c), arr, arr+sizeof(arr), v1);
}


I did originally intend helping Leigh by showing him how to do it correctly
, but **** him . He gave me **** and was nasty so he won't be learning
anything from here



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
what is the difference between code inside a <script> tag and code in the code-behind file? keithb ASP .Net 1 03-29-2006 01:00 AM
Fire Code behind code AND Javascript code associated to a Button Click Event =?Utf-8?B?Q2FybG8gTWFyY2hlc29uaQ==?= ASP .Net 4 02-11-2004 07:31 AM
Re: Code Behind vs. no code behind: error Ben Miller [msft] ASP .Net 1 06-28-2003 01:46 AM
Re: C# Equivalent of VB.Net Code -- One line of code, simple Ian ASP .Net 0 06-25-2003 01:14 PM
Re: C# Equivalent of VB.Net Code -- One line of code, simple Ron ASP .Net 1 06-24-2003 07:18 PM



Advertisments