|
I'm just glad I never had the opportunity to do it in COBOL
Sent from my Amstrad PC 1640
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
AntiTwitter: @DalekDave is now a follower!
|
|
|
|
|
I have two claims to fame in my career: I've never written an ECO(*) (Engineering Change Order), and I've never learned COBOL.
(*) A document used within my company that describes how to build a product. It's incredibly complicated, and for software it's completely over-engineered.
Software Zen: delete this;
|
|
|
|
|
Most oldtimers know the Ken Thompson Turing Award lecture "Reflections on trusting trust" (and the youngers really should be introduced to it!) For a few years after this paper was published (1984), various writers expanded on the idea.
One of the articles in my basement archive discusses how this compiler trojan could be implemented in the backend, code generating part, of a compiler suite such as gcc. It would then apply to all the compilers using that backend - Cobol is mentioned as an example, even though the malicious code never existed in Cobol form. This article discusses how the trojan could avoid detection, e.g. by propagating only to executables of a certain minimum size so that the size of the trojan code would be a tiny little fraction. It also discusses how a parse tree could be recognized as a compiler being compiled, and how the trojan could added at the parse tree level before code generation, so that it would spread even to the early (language dependent) compiler stages, not just the back end.
This would not exactly be self modifying code, but it illustrates that even Cobol certainly isn't safe for malware.
|
|
|
|
|
When structured languages (like Algol, Pascal etc) came onto the scene, we used to say that "You can program FORTRAN in any language".
Around 1980. a professor in the Mecanical Engineering Department and eager FORTRAN coder wrote an article for the newsletter from the University Computing Center, with a fierce attack on this silly idea of indenting loops and conditional blocks (when programming in these new languages). Like in a book: All text is left justified, starting at the margin. You can't make it consistent anyway, if you, say, have a labeled statement in that indented part: Any jump to that label would break the idea of this indented block being a coherent unit...
Or something like that. I believe I still have that newsletter in my archives. I really should dig it up to see if he had any valid arguments at all. He probably didn't. I can't imagine what they would be.
|
|
|
|
|
Member 7989122 wrote: Mechanical Engineering Department and eager FORTRAN coder Found your problem.
Software Zen: delete this;
|
|
|
|
|
But without those type of people we would never have put a man on the moon. Remember, it takes people with real jobs to get real things done.
|
|
|
|
|
|
Interesting bit of history, thanks.
|
|
|
|
|
Suddenly a wild overloaded operator appears...
Try stand up comedy.
"It is easy to decipher extraterrestrial signals after deciphering Javascript and VB6 themselves.", ISanti[ ^]
|
|
|
|
|
Operator overloading can result in some of the worst abuses of the language. Usually the overloads are intuitive and reduce your typing but they can be easily taken beyond that into the realm of the absurd.
I recently wrote my own little vector and matrix library for 3D graphics and there are some overloads in it that I think are sensible. For example, I have a point class that stores three coordinates and it has an [] overload that returns the coordinate at that index. This lets you write point[index] instead of point.coordinates[index]. That makes sense to me and I would not want it to do anything else behind the scene.
The example you cite is beyond what I consider to be intuitive. It would be best to have explicit methods to implement that functionality instead of an overridden operator in my opinion.
I don't hate C++ at all. What I hate is when people try to get cute with it as in your example. I don't think it enhances the readability or maintainability of the code at all if one has to figure out what is going with a statement like that.
|
|
|
|
|
-1 for blaming an excellent tool when the real problem lies with (s)he who uses it...
History is the joke the living play on the dead.
|
|
|
|
|
Actually this is in the STL library, the map object, pretty much a part of C++.
So yeah, it sucks.
|
|
|
|
|
I've used STL extensively for decades and std::map is not the problem as mentioned in your OP. As you pointed out, the overridden function was incorrectly implemented so again, the fault lies with the developer and not the language.
Technically speaking, STL is a library implemented in C++. So your OP would better have been title "Why I hate STL" (where you probably would have found a much more accepting audience).
Cheers,
Ian
History is the joke the living play on the dead.
modified 15-Jul-18 13:14pm.
|
|
|
|
|
|
Why reference the code and what is it you are requesting?
History is the joke the living play on the dead.
|
|
|
|
|
What you should really be hating on is the abhorrent coder not the language. That's like hating the hammer that was used to build the crappy shack you live in.
#SupportHeForShe
Government can give you nothing but what it takes from somebody else. A government big enough to give you everything you want is big enough to take everything you've got, including your freedom.-Ezra Taft Benson
You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering!-Wernher von Braun
|
|
|
|
|
Oh I do, dont worry, but C++ allows this kind of crap to happen.
|
|
|
|
|
so does every other language that is of any use beyond kiddie crap.
#SupportHeForShe
Government can give you nothing but what it takes from somebody else. A government big enough to give you everything you want is big enough to take everything you've got, including your freedom.-Ezra Taft Benson
You must accept 1 of 2 basic premises: Either we are alone in the universe or we are not alone. Either way, the implications are staggering!-Wernher von Braun
|
|
|
|
|
C++ positively invite this kind of ridiculousness. Give a man a hammer, and everything is a nail.
Give a language feature x and every one has to abuse it. C++ has more of these than any other language I have used, ADA, VB, Java, Small Talk, Prolog and of course C, way more.
|
|
|
|
|
There may be reasons to dislike C++, but surely this one is a programmer induced problem.
|
|
|
|
|
One reason to dislike C(++) is that it provides excellent tools for a programmer to make a mess in a very simple way.
In the earlier days, you could see quite a few horrible cases of poiner arithmetic - and the programmers were proud of it, proud of how they could do things that were impossible in toy languages like Pascal that gave you a slap on your fingers for just addressing outside the array limits, and introducing artificial differences between a pointer to the start of an array and the array itself. Every knowledgeabler person should know that they are the same!
Fortunately, intricate pointer arithmetic is no longer the way to prove your skills. OO techniques has been more popular for that for at least 15-20 years. Virtual functions and overrides may be terribly abused, too, and what is the big difference bewtween operator overloading and virtual functions, at the conceptual level?
|
|
|
|
|
Member 7989122 wrote: the programmers were proud of it,
This is a problem in any language, and exactly what I am getting at here.l C++ give bedroom nerd programmers who think complexity is good the chance to do this.
Real engineers dont.
Member 7989122 wrote: what is the big difference bewtween operator overloading and virtual functions
Huge.
An overridden function is subclass specialisation.
An operator overload is supposed to *improve* the operator's functionality specifically for that class. In fact without overloading that operator might be dangerous.
Take the classic 'class contains an allocated pointer' and not overriding the '=' operator. The class being copied to needs new memory allocating, and the contents copied to it.
This is good. This is logical.
Using [] to add a member to the end of an array is just stupid.
|
|
|
|
|
Munchies_Matt wrote:
This is a problem in any language, and exactly what I am getting at here.l C++ give bedroom nerd programmers who think complexity is good the chance to do this.
Sure every programming language has facilities that may be abused. Some has more such "options" than others. Take pointer arithmetic: You can do that in C an C++, but not in C#. Adressing out of array bounds (deliberately or accidentally) you can do in C, but not in Pascal. Silent fall through in a switch statement you can do in C, but neither in Pascal (no fallthrough at all) or C# (explicit). Dividing 'B' by 2 to get an exclamation mark: Allowed in C, not in properly typed languages.
Fortran had its 'facilities', such as common blocks and GOTOs. Actually, most languages do provide labels and GOTO, but I don't think I have programmed a single GOTO in my 35 years as a programmer, and I have hardly ever come across code that uses is. At least not after that 101 Elementary Programming as as freshman at the U, which was taught in Fortran (the next year they switched to Pascal).
Other languages, too, can be abused. But languages do vary a lot in how much effort it takes to get to those misbehaviour features (I think you could do pointer arithmetic tricks in "unsafe" C#, and many Pascal compilers lets you turn off the array index checking).
It also varies a lot what is commonly accepted programming style in textbook examples, widely distributed open source code etc. For C, you see things like (usually unsafe) pointer arithmetic, or pro forma arrays of length 0 because they will be arbitrarily indexed out of bounds etc. Fortran examples could have lots of labels and GOTOs, and so could Basic, but you would rarely if ever see a GOTO in a Pascal or C# textbook.
You may be a "clever" C programmer able to "prove" that you can do the same nasty things in a more strictly typed language, a language lacking explicit pointers, etc. "So that other language is just as bad as C". No, it isn't, if you have to be an expert and do special tricks that noone does by accident.
In C (/C++) you might do things by accident or delibrately, and a bystander will be unable to distinguish between them. You need not do anything to "allow" neither switch fallthrough, out-of-bounds indexing or pointer arithmetic. Many other languages are far more helpful, trying to guide you not to do silly things. C is a "you asked for it, you got it"-language.
|
|
|
|
|
Munchies_Matt wrote: what is the big difference bewtween operator overloading and virtual functions Huge Implementationwise: Yeah, probably, in most compilers. Not necessarily.
On an abstract level, for the user: Not very much. Both mechanisms provide similarly identified operations to be interpreted differently for different types/classes. The intention is that the implementations for various types shall have similar semantics, but it doesn't have to be.
In my "childhood engineering years" (i.e. after graduation) I was programming in a Pascal-inspired proprietary language which allowed a left argument as well as right arguments, and a single right argument didn't require parentheses. Furthermore, the identifier syntax for functions allowed a big selection of special characters and Functions could be overloaded. "+" was a perfectly fine name for a function that could take MyComplex left and right arguments, or a MyComplex left and (float: re, float: im) right arguments. Conceptually, predefined "+" functions for int+int, int+float, ... were just like user functions. (Obviously, the compiler compiled wellknown builtin functions like these quite differently from those that were actually user written.)
I made a function library for all assignment functions (like C's =, ++, -- and so on) for struct types, that updated the reference count and triggered whenever an object was freed with more than one reference to it, or the reference count went to 0 in a non-free operation. This was for development/debugging only; for production work the library (with its noticable overhead) was omitted and the "simple" assignments took their place, as the default implmentation for the assignment functions.
This language wasn't a fullblown OO language; it didn't have a 'virtual function' concept. Yet having worked with overloaded "AddToList(MyComplex)" and overloaded "MyComplex + MyComplex", using identical mechanisms for the two, certainly blurs the distinction between overloaded operators and overloaded functions. Adding virtual functions on top of that doesn't make a very large conceptual difference.
|
|
|
|
|
As our program manager said once:
After object-oriented design course every programmer writes only singleton classes.
|
|
|
|
|