Blended Technologies » Blog Archive » Finding Time Bombs with Google Code Search

Finding Time Bombs with Google Code Search

Well, I thought a search for “retrun” would return lots of rarely called functions just waiting to be called and crash. But instead, all of the misspellings appear to be in the comments only. Perhaps all languages have a way to catch this.

Can you think of other more treacherous typos that could slip into code? Or in general can any bugs be found using only Google code search?

BTW, somewhat related to searching for typos, I always get a laugh searching for people who think newbie is spelled “new bee”. My guess is that they overheard the term somewhere and somehow thought it was related to bees?

3 Responses to “Finding Time Bombs with Google Code Search”

  1. Jeff Says:

    The lack of “retrun” results doesn’t surprise me as it’s a keyword misspelling. Most languages will see it as an undefined variable or a syntax error, I’d imagine (the same as typing i 3 or some such nonsense on a random line). Time bombs in my experience are mostly logic related, which is quite difficult to express in a regex.

  2. Mark Eichin Says:

    For that matter, the popularity of keyword-highlighting editors helps a great deal. Google for google codesearch security hole and you’ll find the burst of postings from back when it came out, and how many logic errors (like memset with a 0 count instead of a 0 fill value) you *can* easily find with regexp searches…

  3. Greg - CEO/Founder Says:

    You guys have a good point. It would be hard to write “retrun” and have it stay in your code after compiling/running.

    Here’s a good write-up of Google code search security holes.
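The kind of regexp search mentioned in the second comment (memset called with a 0 count instead of a 0 fill value), written out as an added example that is not part of the original post or its comments. The pattern, the function name `find_zero_count_memset` and the sample C source are constructed for illustration.

```python
import re

# One argument: any run of non-comma, non-paren characters or one-level
# parenthesised groups, so sizeof(buf) and (char *)p each count as one argument.
ARG = r"(?:[^,()]|\([^()]*\))+"

# memset(dst, fill, count) whose count is a literal zero (0, 0x0, 0U, 0UL ...).
ZERO_COUNT_MEMSET = re.compile(
    r"\bmemset\s*\(\s*(?P<dst>" + ARG + r")\s*,\s*(?P<fill>" + ARG + r")"
    r"\s*,\s*(?P<count>0(?:[xX]0+)?[uUlL]*)\s*\)"
)

# C comments (naive: a "//" inside a string literal is also treated as one).
COMMENT = re.compile(r"/\*.*?\*/|//[^\n]*", re.DOTALL)


def find_zero_count_memset(source):
    """Return (line_number, call_text, fill_argument) for each suspicious call."""
    # Blank out comments but keep newlines so line numbers stay correct;
    # this avoids the "hits only in comments" noise the post ran into.
    code = COMMENT.sub(lambda m: re.sub(r"[^\n]", " ", m.group(0)), source)
    hits = []
    for m in ZERO_COUNT_MEMSET.finditer(code):
        line = code.count("\n", 0, m.start()) + 1
        hits.append((line, m.group(0), m.group("fill").strip()))
    return hits


# Constructed sample input (not taken from any real project).
SAMPLE_C = """\
#include <string.h>
struct session { char key[32]; int id; };
void wipe(struct session *s, char *buf, size_t n) {
    memset(s->key, sizeof(s->key), 0);   /* swapped: clears nothing */
    memset(buf, 0, n);                   /* correct */
    memset(s, sizeof(*s), 0x0);          /* swapped again */
    // memset(buf, n, 0); old code, commented out
    memset(buf, 0, sizeof(struct session));
    my_memset(buf, n, 0);
}
"""

if __name__ == "__main__":
    for line, call, fill in find_zero_count_memset(SAMPLE_C):
        print(f"line {line}: {call}  (count is 0; was count={fill} intended?)")
```

A hit means the call writes zero bytes, so a buffer the author meant to clear (a key, a password) keeps its contents; the usual fix is to swap the second and third arguments.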