mvk wrote:lucasart wrote:bob wrote:
What on earth is so bad about copying the end of a string to the beginning?
It's a O(N^2) parsing algorithm, instead of O(N) for normal parsing. Plus it's ugly and relies on an undefined strcpy() behaviour, apparently (although I would never have guessed that strcpy() could be implemented right to left).
bob wrote:
As far as "a complete beginner" I am quite a bit beyond that...
I do not doubt it. All you have to do is confess that you wrote a piece of newbie-like code 40 years ago
At least Crafty is safe from PGN viruses now.
I love the claim that ReadPGN is supposedly two decades older than PGN, and the implication that Fortran has the equivalent of strcpy. All distracting from the bug, which was Crafty's alone. No, shoot the messenger instead.
There is absolutely ZERO danger here to any virus or security threat. None. Nada. That discussion is pointless.
I am copying within a buffer. One that was filled with a safe read with the proper byte count. Impossible to overflow or overwrite...
1. SOME of us saved games in the 70's. Not exactly PGN, but the part that parses the list of moves is exactly the same as was always done, sorry. Blitz/Cray Blitz saved everything in such a file. Time controls, time for each move, each move itself, etc. Just because there was no PGN standard doesn't mean there was no way to save a complete game and use it later for whatever purpose... In other words, a lack of knowledge on your part doesn't constitute an exaggeration on my part. COKO IV had the ability to save a game in a machine-readable form and then go back through it on demand, as did Greenblatt's program...
2. Fortran had NO strings when my program was started. See standard Fortran-66.
I'm not shooting any messenger at all. I happen to agree with Torvalds that if something works today, it should work tomorrow unless there is a good reason to break it. On Apple Mavericks, all you see is "Abort". No hint about what the problem was, no nothing. Running under the debugger shows absolutely nothing either. Nice software design.
It is impossible to make a language idiot-proof, trying to do so is a waste of time for the compiler people / library people, an irritation to the programmers smart enough to know what they are doing, and it STILL does not prevent a stupid programmer from doing stupid things that cause buffer overruns and such.