Comments on: Finding Time Bombs with Google Code Search http://www.blendedtechnologies.com/finding-time-bombs-with-google-code-search/114 Established January 2005 Sat, 04 Feb 2012 07:53:03 +0000 http://wordpress.org/?v=2.0 by: Greg - CEO/Founder http://www.blendedtechnologies.com/finding-time-bombs-with-google-code-search/114#comment-2033 Thu, 04 Jan 2007 23:24:47 +0000 http://www.blendedtechnologies.com/finding-time-bombs-with-google-code-search/114#comment-2033 You guys have a good point. It would be hard to write "retrun" and have it stay in your code after compiling/running. Here's <a href="http://shiflett.org/archive/269" rel="nofollow">a good write-up of Google code search security holes.</a> You guys have a good point. It would be hard to write “retrun” and have it stay in your code after compiling/running.

Here’s a good write-up of Google code search security holes.

]]> by: Mark Eichin http://www.blendedtechnologies.com/finding-time-bombs-with-google-code-search/114#comment-2032 Thu, 04 Jan 2007 23:11:11 +0000 http://www.blendedtechnologies.com/finding-time-bombs-with-google-code-search/114#comment-2032 For that matter, the popularity of keyword-highlighting editors helps a great deal. google for google codesearch security hole and you'll find the burst of postings from back when it came out, and how many logic errors (like memset with a 0 count instead of a 0 fill value) you *can* easily find with regexp searches... For that matter, the popularity of keyword-highlighting editors helps a great deal. google for google codesearch security hole and you’ll find the burst of postings from back when it came out, and how many logic errors (like memset with a 0 count instead of a 0 fill value) you *can* easily find with regexp searches…

]]> by: Jeff http://www.blendedtechnologies.com/finding-time-bombs-with-google-code-search/114#comment-2029 Thu, 04 Jan 2007 16:22:31 +0000 http://www.blendedtechnologies.com/finding-time-bombs-with-google-code-search/114#comment-2029 The lack of "retrun" results doesn't surprise me as it's a keyword mispelling. Most languages will see it as an undefined variable or a syntax error I'd imagine (the same as typing i 3 or some such nonsense on a random line). Time bombs in my experience are mostly logic related, which is quite difficult to express in a regex. The lack of “retrun” results doesn’t surprise me as it’s a keyword mispelling. Most languages will see it as an undefined variable or a syntax error I’d imagine (the same as typing i 3 or some such nonsense on a random line). Time bombs in my experience are mostly logic related, which is quite difficult to express in a regex.

]]>