Slashdot Mirror

← Back to Stories (view on slashdot.org)

The First Annual Underhanded C Contest

Posted by CowboyNeal on from the delightfully-malicious dept.

Xcott Craver writes "We have just announced a new annual contest, the Underhanded C Contest, to write clear, readable, innocent-looking C code that implements malicious behavior. The object is to hide evil functionality that survives visual inspection of the source. The prize is beer."

3 of 341 comments (clear)

  1. It's a bad idea by Anonymous Coward · · Score: 3, Interesting

    Count on the likes of Sun, Microsoft, and anyone else selling a non-C language to pounce on this as a marketing opportunity.

    C is a superb language. Why besmirch its reputation with a contest to make it seem as untrustworthy as possible?

  2. Attack the Compiler by LionKimbro · · Score: 4, Interesting

    Why attack the source code when you can instead attack the compiler?

    You need only attack the compiler, or the linker, or the interpreter.

  3. An example from years ago by exp(pi*sqrt(163)) · · Score: 4, Interesting
    There was a bug in the Watcom compiler for DOS many years ago. As a bug report I sent them a piece of code something like:
    char *s = "Fortune coookie";
    int *p = (char *)s;
    for (i = 0; i<4; ++i) {
    putchar(((char *)p)[i]);
    }
    Looks innocent enough. But actually it actually printed an obscenity. There was a bug in the pointer addition code generated by the compiler so that even though (char *)p was a pointer to type char it still used sizeof(int) to index into the array and so it printed every 4th character. (And that explains why I used three o's.)
    --
    Doesn't it make you feel good to know that our freedoms are protected by politicans, lawyers and journalists.