• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

most important information about bugs

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

Christoph

JAPH Senior
Joined
Oct 8, 2001
Location
Redmond, WA
In an effort to write fewer bugs, I'm going to start a journal of all bugs in all the programs I write. That way, when I perplex myself, I can go back and look at similar bugs I've found and fixed.
However, it's going to be in a physical book and I don't want to switch the format midstream. I want to come up with a format that will give me as much useful information as possible and that will make that information as easy to find as possible.

Ex:

symptoms: crashes when searching my test box for config files
date: 10-10-1999
lang: BASIC
project: rootkit project 0.5a
purpose: provide difficult-to-detect backdoor access
purpose of broken code: look through /etc and ~/.* for interesting config files
bug: potential buffer overflow and execution of arbitrary code for files with very long names
reason for bug: I assumed that filenames would be of reasonable length.
fix: check filename length
complexity of fix: simple
severity: moderate
time to find, isolate and fix: 4 days
how you found the bug: searched for any interaction with the filesystem


edit: Thanks deRussett
edit2: added a couple more
 
Last edited:
you might want to list what the project does, unless that is listed in another book,

projectrootkit project 0.5a
function find interesting config files, blah blah blah
 
Oh good, I was scared there for a second :p

On a serious note, this is a good idea. I too have found myself making the same mistakes over and over, but hopefully if I were to actually record them, I would be able to cut down on the amount of future errors. Or maybe I'll just start making new ones...
 
That's it. I'm starting now. I just spent way too much time tracking down a bug that looked like this:
printf("employee #%s\\'s name is %s.\n",workers->id,workers->name);
when it should have looked like this:
printf("employee #%d\\'s name is %s.\n",workers->id,workers->name);

Not only that, but I made the same mistake yesterday.
 
Back