The University of Washington chapter of the Society of Women Engineers is putting on their quarterly career fair today at the Husky Union Building, and I’ll be there with a couple of my fabulous Coverity colleagues. If you happen to be a UW student reading this and want to stop on by for a round of my favourite game, “Spot the Defect” please do. We’ll be presenting a whole pile of buggy code; some of the defects will be quite straightforward and some of them will be subtle, but they all have a lesson.
If you want to play along at home, here’s one of the easy ones; this code was in a real used-by-customers product when Coverity’s static analysis engine discovered it:
{ ... if (!strcmp(argv[i], "-configure")) { if (getuid() != 0 && geteuid != 0) { puts("Only root can use -configure.n"); exit(1); } } xf86DoConfigure = TRUE; xf86AllowMouseOpenFail = TRUE; return 1; }
Can you spot the defect and describe its consequence?
Anyways, like I said, if you’re a UW student then stop on by the booth and we’ll chat. The fair is open 12:30 to 5:30; if you’re a SWE member then you get early admission and can come in any time after 12:00. Hope to see you there!
Next time on FAIC: The solution to today’s puzzle.