Comments on: Windows XP’s built-in unzipping functionality is not trustworthy http://www.xaprb.com/blog/2005/12/01/windows-xps-built-in-unzipping-functionality-is-not-trustworthy/ Stay curious! Sat, 06 Sep 2008 02:00:18 +0000 http://wordpress.org/?v=2.2.2 By: Tim McCormack http://www.xaprb.com/blog/2005/12/01/windows-xps-built-in-unzipping-functionality-is-not-trustworthy/#comment-20 Tim McCormack Thu, 15 Dec 2005 02:44:52 +0000 http://www.xaprb.com/blog/2005/12/01/windows-xps-built-in-unzipping-functionality-is-not-trustworthy/#comment-20 <p>I was rather astonished to read this, not so much in disbelief, but more of a nasty shock. Makes me wonder what I've missed in the past. Also makes me wonder what else Windows is simply glossing over.</p> <p>It also occurs to me that someone wrote the code to handle the filenames and either purposefully or forgetfully neglected to check both cases (valid, invalid). At some point in there they wrote an IF/ELSE clause or a TRY/CATCH clause, and either ignored the invalid case or let control loop around to the next file. Even a really basic code-coverage checker would catch that sort of omission.</p> I was rather astonished to read this, not so much in disbelief, but more of a nasty shock. Makes me wonder what I’ve missed in the past. Also makes me wonder what else Windows is simply glossing over.

It also occurs to me that someone wrote the code to handle the filenames and either purposefully or forgetfully neglected to check both cases (valid, invalid). At some point in there they wrote an IF/ELSE clause or a TRY/CATCH clause, and either ignored the invalid case or let control loop around to the next file. Even a really basic code-coverage checker would catch that sort of omission.

]]>