this post was submitted on 09 Feb 2024
858 points (97.6% liked)

Programmer Humor

[–] [email protected] 115 points 9 months ago (4 children)

This wouldn't pass PR review and automated tests, unless they were a senior dev and used elevated privileges to mess with things behind the scenes.

[–] [email protected] 174 points 9 months ago (1 children)

It's bold to assume those exist. Maybe there's a reason the coworker left

[–] [email protected] 113 points 9 months ago (1 children)

rand() will be infrequently < 10 (at least ten in 2^15 times, if not exponentially more), so automated tests are likely to pass. If they don't, they're likely to pass on the second try, and then everyone shrugs and continues. If it's buried in 500 other lines, then it's likely the code reviewer will give it all a quick scan and say "it's fine". It's the three line diffs that get lots of scrutiny.

In other words, you seem to have a lot more faith in the process than I do.

[–] [email protected] 27 points 9 months ago (1 children)

rand will be called every time true is used, which could be hundreds of times for all we know

[–] [email protected] 25 points 9 months ago (1 children)

If it's a 16-bit integer platform, it might hit every once in a while.

If it's a 32-bit integer platform, it'll hit very rarely.

If it's a 64-bit integer platform, someone would have to do the math with some reasonable assumptions, but I wouldn't be surprised if it would never hit before the universe becomes nothing but black holes.

[–] [email protected] 12 points 9 months ago (1 children)

The point being made is that it also depends how often the 'true' value gets used in the code. Tests might only evaluate it a few times per run, or they could cause billions of evaluations per run. You can't know the probability of a test failure without knowing the occurrence rate of that expression.

[–] [email protected] 4 points 9 months ago* (last edited 9 months ago) (1 children)

Yes, you're correct, this was the point I was making.

To elaborate: could be 100s of times in a codebase, even 1000s, being executed in tests on local machines and build servers 100s of times a day, etc. etc.

[–] [email protected] 2 points 9 months ago

But it would hit a different place every time... Most developers wouldn't even consider checking for this, and the chance of getting a repro in a debugger is slim to none

[–] [email protected] 61 points 9 months ago* (last edited 9 months ago) (2 children)

Write a 5 line PR and receive 5 comments. Write a 500 line PR and receive no comments.

[–] [email protected] 15 points 9 months ago
[–] [email protected] 10 points 9 months ago

Attn: security team

Hi,

I think someone on Lemmy has hacked into every work environment I've ever coded in

[–] [email protected] 16 points 9 months ago (1 children)

you'd be surprised what slips through review