Posted 23 May 2010
Licenced CC (ASA 2.5)

Trust Issues with Source Code


Digging around in some code circa 6 months ago, I discovered a method that I had scrounged from the web and, in my apparent haste at the time, had not built any unit tests. It was less than 20 lines of code doing some simple array manipulation – and it was from a pretty decent site, so it seemed pretty safe. It’s the weekend so I thought, hey, time to plug that gap! I started with some simple cases and soon realized that one of the execution paths was just … well, plain wrong.

Luckily, that behavior wasn’t being used anywhere in my project (yet!), but still, it was essentially a landmine waiting for someone to trip it. My first reaction was “shame on them for posting that without testing it!” Of course, this code didn’t end up in my project because of the author. It was I who blindly accepted and gave it the “it’s from the internet!”-stamp-of-approval.

Lessons learned today:

  • Trust is earned, not given.
  • Source code becomes trusted by-way-of thorough unit and functional testing.
  • Do not trust untested code from the internet.
  • Do not trust untested code from your own keyboard even more so – at least on the internet it’s likely that someone else has reviewed it.

I’ve written to the author a friendly note with a simple fix – it’s better to defuse that bomb than let it get somebody else!


This article, along with any associated source code and files, is licensed under The Creative Commons Attribution-ShareAlike 2.5 License


About the Author

James Kolpack
Software Developer (Senior)
United States

Comments and Discussions

Re: A few comments
James Kolpack, 23-May-10 5:40
Thanks for the heads-up - I'm syndicating posts from my blog to code project and occasionally the formatting is lost in translation.

I agree that the general issue applies to more than source code, but it especially applies when the responsibility of "ownership" gets transferred to yourself when you use it. I think this would include a legacy project that you're maintaining or extending (i.e., you now "own" it), but I'd say that a 3rd party "black box" library is still the responsibility of those who created and/or sold it.

Last Updated 23 May 2010
Article Copyright 2010 by James Kolpack