Today's Question:  What weekend projects have you created?        GIVE A SHOUT

SEARCH KEYWORD -- bypassed

  Latest PHP patch cannot fix the bug

On Wednesday(2012-05-02), a remote code execution vulnerability in PHP was accidentally exposed to the Web, prompting fears that it may be used to target vulnerable websites on a massive scale. The bug itself was traced back to 2004, and came to light during a recent CTF competition.A CERT advisory on the flaw explains: “When PHP is used in a CGI-based setup (such as Apache's mod_cgid), the php-cgi receives a processed query string parameter as command line arguments which allows command...

   PHP,bug,patch,bypassed     2012-05-08 11:20:56

  HeartBleed: Should C be blamed for the HeartBleed bug?

There is a discussion about the security of applications written in C on Hacker News recently after the report of HeartBleed bug in OpenSSL. In this discussion, some people are saying that the applications written in C are unsafe. It seems all or most of the faults should be laid on C. I think this is biased. The language itself should not be blamed.Safety is a relative term for programming languages. No language is absolutely safe. We claim some languages like Java and C# are safer than C/C++ b...

   C,HeartBleed,Analysis,Code review     2014-04-14 03:52:55

  try { return } finally {}

Do you know what value will be printed when following program is ran? class Test { public int aaa() { int x = 1; try { return ++x; } catch (Exception e) { } finally { ++x; } return x; } public static void main(String[] args) { Test t = new Test(); int y =; System.out.println(y); } } And before answering the above question, do you have answers to following questions? If ther...

   JAVA,JAVA INTERVIEW QUESTION     2016-09-26 08:06:28

  A return to good code

Stop doing this:public boolean foo() { if (true) {   return true;   }  else {   return false;   }}It always amazes me when I dig into an open source project, and I see code written by supposed experts, and reviewed by seasoned professionals, and nobody slaps the wrists of the developer who shoves return statements right in the middle of a method.Tell me, how hard is it to do this:public boolean foo() {   boolean flag = true;  ...

   Java,Code,Method,Return,Condition     2011-03-23 01:24:47