In an effort to write fewer bugs, I'm going to start a journal of all bugs in all the programs I write. That way, when I perplex myself, I can go back and look at similar bugs I've found and fixed.
However, it's going to be in a physical book and I don't want to switch the format midstream. I want to come up with a format that will give me as much useful information as possible and that will make that information as easy to find as possible.
Ex:
symptoms: crashes when searching my test box for config files
date: 10-10-1999
lang: BASIC
project: rootkit project 0.5a
purpose: provide difficult-to-detect backdoor access
purpose of broken code: look through /etc and ~/.* for interesting config files
bug: potential buffer overflow and execution of arbitrary code for files with very long names
reason for bug: I assumed that filenames would be of reasonable length.
fix: check filename length
complexity of fix: simple
severity: moderate
time to find, isolate and fix: 4 days
how you found the bug: searched for any interaction with the filesystem
edit: Thanks deRussett
edit2: added a couple more