Greg Hewgill (ghewgill) wrote,
Greg Hewgill
ghewgill

y2010 bugs found via google code search

Last week the news started coming about regarding various computing system failures caused by the rollover to the year 2010. I wondered how easy it would be to identify such bugs in open source software, using Google Code Search. What kind of bug would be would be easy to identify? A common error in the last century was to use a C printf format string "19%d", which would roll over from 1999 to 19100 at the turn of the century.

What if people used "200%d" as a format string? That would roll over from 2009 to 20010 in the year 2010. But surely nobody would actually do that, right? Wrong. Some of those hits are false hits and not relevant to dates, but I found about 10 open source projects with such date-related format strings. Some of them are:

I've sent suggested patches to fix the bug(s) to each project that I could find.

I'm pretty sure this technique of using Google Code Search has been used to locate unsafe coding practices related to software security vulnerabilities, but I wonder whether anybody has successfully applied it to other types of software bugs.

Subscribe

  • islands of the world tour 2009

    Amy and I haven't been back to North America to see family since we got married in 2007. We've been talking for a while about taking a trip back,…

  • changing travel plans

    Things are suddenly moving fast. It looks like Amy and I are going to try to make it to Austin in time for SXSW (that means leaving Canada around…

  • photos from the usa southwest trip

    I've finished culling, sorting, and organizing the photos that I took during our trip. There are 339 photos, 132 of which are in the "60 mi Gallery"…

  • Post a new comment

    Error

    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 4 comments