vmsplice(): the making of a local root exploit
Posted Feb 12, 2008 16:42 UTC (Tue) by utoddl
In reply to: vmsplice(): the making of a local root exploit
Parent article: vmsplice(): the making of a local root exploit
I basically agree with what you're saying, but I'd like to make just a couple of counter-points.
...beat it into them that useless
(e.g. i++; /* increment i */) explanations are worse than none at all.
True, that's useless to you and me, but for the noob programmer who has come through elementary and high school maths, the expression i++
is not immediately obvious. By the second or third C program he should be familiar with it, certainly. But my point is that the "document what's not obvious" standard requires a judgment call where "what's obvious" varies greatly with the experience of the coder.
For example, if you work on code related to SCSI or filesytems or otherwise connected with disks, you're expected to recognise that (bytes >> 9) converts from a byte count to a sector count, since sectors are 512 bytes.
If you say so. I don't happen to work in that domain often, so it isn't obvious to me. However, a well-crafted macro BYTES2SECTORS(bytes)
would give me a clue, and the magic numbers and operations on them would live in the definition of the macro, so you've got one place to maintain the conversion and it's clear to us noobs what it's related to. Again, the point isn't about this particular case, but if you can give magic numbers and operations on them a name, you can make the intent more clear (and perhaps avoid a problem, like (bytes<9)
). It's already clear to somebody, but will it be clear next week, or to the next programmer who may be less experienced?
to post comments)