The Doug API

by ·0 Comments

We’ve got this tester named Doug. Doug’s name strikes fear in the heart of developers on the teams to which he’s assigned. He specializes in finding those boundary conditions, those way outside the scope of anything you’d expect a user to reasonably do (a reasonable user, anyway, and we all know that there are bound to be a subset of them who are unreasonable in just the code-terroristic sort of way as Doug), the ones that break systems in ugly ways.

An example from a bug report he filed today:
Entering the following search term causes the user to see
an unfriendly server error:

!@#$%^&*()`-=[]\;’,./~_+{}|:”?

Now, I’m not certain that this blogging system is going to handle that text well. Computers don’t generally like to be cursed at anymore than humans do.

Or from this bug report filed earlier:
A vendor cannot upload more than 25 Contract Mod Attachments.

Now, Doug sat there and uploaded 25 separate files to find this bug. With no special knowledge of the system to know that 25 was the magic number. For the record, I did correct that bug, but I’m not going to say what the new magic number is, except to say that it’s sufficiently higher that I’ll personally throttle Doug if I discover he’s tripped that particular boundary.

The stuff Doug discovers is key, actually. Lots of security problems in systems end up boiling down to things like this, where the system just can’t handle some data input at the boundaries of what anyone thought was reasonable. No one ever thought that a user would put in such data, and so they didn’t guard against it, and the system broke in some way that offers a hacker a chance to either directly get in, or just gather some information that lets them try another avenue of attack. For instance, if I’m not careful, the error message that the computer returns tends to be the sort that makes it easy for developers to track down sources of bugs, including database table names, code line numbers, etc. But that also gives Joe Hacker a heck of a lot of info to start with.

So, thank you, Doug, for forcing me to be a better developer. I have aspirations of writing a set of objects that do all sorts of bounds-checking, data validation, etc, and somehow plug them in an aspect-oriented kind of way so that a developer can’t neglect to apply the validations. And I think I’ll label the package something .doug.

Leave a Reply

Your email address will not be published. Required fields are marked *