您必须修复的最混乱的代码是什么?
大多数程序员都有调试/修复别人代码的经验。 有时,“别人的代码”是如此混乱,以至于试图理解它在做什么已经够糟糕的了。
您必须调试/修复的最糟糕(最混乱)的代码是什么?
如果您没有扔掉它并从头开始重新编码,那为什么不呢?
Most programmers will have had the experience of debugging/fixing someone else's code. Sometimes that "someone else's code" is so obfuscated it's bad enough trying to understand what it's doing.
What's the worst (most obfuscated) code you've had to debug/fix?
If you didn't throw it away and recode it from scratch, well why didn't you?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(12)
我今天在我们的代码库中发现了这一行,并认为这是偷偷摸摸的混淆的一个很好的例子:
只要确保我阅读了整行。 禁止略读。
I found this line in our codebase today and thought it was a nice example of sneaky obfuscation:
Just making sure I read the whole line. NO SKIMREADING.
在处理 GWT 项目时,我会接触到 GWT 编译的混淆 JS 代码中不属于我的部分。
现在祝你调试真实混淆代码好运。
When working on a GWT project, I would reach parts of GWT-compiled obfuscated JS code which wasn't mine.
Now good luck debugging real obfuscated code.
我不记得完整的代码,但其中的一部分仍然铭刻在我的记忆中,因为我花了几个小时试图理解它:
一开始我无法理解它,它看起来毫无用处,然后我打印了 @_ for参数列表,一系列交替的布尔值和函数名称,代码与库检测模块结合使用,如果函数被破坏,该模块会改变行为,但是代码的文档记录非常糟糕,并且由类似的东西组成,这使得在没有完全理解完整代码的情况下,我放弃并重写了整个代码。
来自 DVK 的更新:
并且,为了避免有人声称这是因为 Perl 不可读,而不是编码员是高尔夫大师而不是优秀的软件开发人员,这里是相同的代码,其形式稍微不那么混乱(真正正确的代码甚至不会交替首先是子名称和布尔值:)
I can't remember the full code, but a single part of it remains burned into my memory as something I spend hours trying to understand:
I couldn't understand it at first, it looks so useless, then I printed out @_ for a list of arguments, a series of alternating boolean and function names, the code was used in conjunction with a library detection module that changed behaviour if a function was broken, but the code was so badly documented and made of things like that which made no sense without a complete understanding of the full code I gave up and rewrote the whole thing.
UPDATE from DVK:
And, lest someone claims this was because Perl is unreadable as opposed to coder being a golf master instead of good software developer, here's the same code in a slightly less obfuscated form (the really correct code wouldn't even HAVE alternating sub names and booleans in the first place :)
我遇到过一个 300 行函数执行输入清理的情况,但它错过了某个极端情况。 它使用 IndexOf 和 Substring 以及大量内联变量和常量手动解析某些情况(看起来原始编码器对良好实践一无所知),并且没有提供任何注释。 由于时间限制,扔掉它是不可行的,而且我没有所需的规范,因此重写它意味着理解原始内容,但在理解它之后修复它会更快。 我还加了很多评论,这样以后的人看到我就不会感到同样的痛苦了……
I've had a case of a 300lines function performing input sanitization which missed a certain corner case. It was parsing certain situations manually using IndexOf and Substring plus a lot of inlined variables and constants (looks like the original coder didn't know anything about good practices), and no comment was provided. Throwing it away wasn't feasible due to time constraints and the fact that I didn't have the specification required so rewriting it would've meant understanding the original, but after understanding it fixing it was just quicker. I also added lots of comments, so whoever shall come after me won't feel the same pain taking a look at it...
Perl 声明:
根据原作者(Randal Schwartz 本人,他说他不喜欢它,但当时没有其他可用的东西)的建议,它被替换为更容易理解的内容:
除了那句话之外,一些IBM 的 Java JDBC 库被混淆了,所有变量和函数要么是字母“l”和“1”的组合,要么是单/双字符 - 很难追踪任何内容,除非将它们全部重命名。 需要这样做来找出为什么它们在 IBM 的 JRE 中运行良好,但在 Sun 的 JRE 中运行不佳。
The Perl statement:
which, at the suggestion of the original author (Randal Schwartz himself, who said he disliked it but nothing else was available at the time), was replaced with something a little more understandable:
Beyond that one-liner, some of the Java JDBC libraries from IBM are obfuscated and all variables and functions are either combinations of the letter 'l' and '1' or single/double characters - very hard to track anything down until you get them all renamed. Needed to do this to track down why they worked fine in IBM's JRE but not Sun's.
如果你谈论的是HLL代码,有一次我正在更新一个中国人编写的项目,所有注释都是中文(存储在ansii中),并且理解一些代码片段是一件可怕的事情,如果你谈论的是低级代码,那么有其中很多(混淆、变异、虚拟机编辑......)。
If you're talking about HLL codes, once I was updating project written by a chinese and all comments were chinese (stored in ansii) and it was a horror to understand some code fragments, if you're talking about low level code there were MANY of them (obfuscated, mutated, vm-ed...).
我曾经不得不对一个 Java 1.1 框架进行逆向工程,该框架:
catch
块中。如果我不得不猜测,这可能是某人的“聪明”想法,即方法调用在 Java 1.1 中代价高昂,因此为非异常流控制抛出异常在某种程度上被认为是一种优化。
用了大约三瓶眼药水。
I once had to reverse engineer a Java 1.1 framework that:
catch
blocks.If I had to guess, it was probably someone's "smart" idea that method invocations were expensive in Java 1.1, so throwing exceptions for non-exceptional flow control was somehow considered an optimization.
Went through about three bottles of eye drops.
我曾经发现过一颗被故意混淆的定时炸弹。
当我最终解码了它在做什么时,我向经理提到了它,经理说他们知道定时炸弹,但将其保留在原处,因为它效率很低并且与其他代码交织在一起。
定时炸弹(大概)应该在某个日期后爆炸。
相反,它有一个错误,因此只有在 12 月 31 日午餐时间后有人工作时才会激活。
自从写定时炸弹的人离开公司以来,这种情况已经过去三年了。
I once found a time bomb that had been intentionally obfuscated.
When I had finally decoded what it was doing I mentioned it to the manager who said they knew about the time bomb but had left it in place because it was so ineffective and was interwoven with other code.
The time bomb was (presumably) supposed to go off after a certain date.
Instead, it had a bug in it so it only activated if someone was working after lunchtime on Dec 31st.
It had taken three years for that circumstance to occur since the guy who wrote the time bomb left the company.
PHP OSCommerce 足以说,它是混淆的代码......
PHP OSCommerce is enough to say, it is obfuscated code...
嵌套 if、while、例如:
面向剪切和粘贴的编程
面向
我很想扔掉并重新编码......但是,经过 3 天的艰苦调试后,
我添加了神奇的 if :-)
nested if, while, like:
cut-and-paste oriented programming
I was tempted to throw away and recode... but, after 3 days of hard debugging,
I've added the magic if :-)
Spaghetti代码PHP CMS系统。
Spaghetti code PHP CMS system.
默认情况下,程序员认为其他人的代码被混淆了。
我可能要做的最糟糕的事情是用一个简单的方法解释变量 i1、i2 j、k、t 是什么,并且它们不是“for”循环中的计数器。
在所有其他情况下,我认为问题区域很困难,这使得代码看起来很困难。
by default, programmers think someone else's code is obfuscated.
The worse I probably had to do was interpreting what variables i1, i2 j, k, t were in a simple method and they were not counters in 'for' loops.
In all other circumstances I guess the problem area was difficult which made the code look difficult.