Fun with decompiled code.
-
I'm working on a decompiled version of a pre-compiled ASP.NET 2 web site. While the obscure names are to be expected, I'm not sdo sure that the original code didn't include horrors such as:
if (sQueryType == "NAME") { goto Label\_00AA; }[snip]
Label_00AA:
sQ = sQ + "[Name] LIKE '%" + sQuery + "%'";
goto Label_00EF;
[snip]
Label_00EF:
sE = "";
DataView dvSel = new DataView();
DataView dvNot = new DataView();
[the processing starts here]Yuck.
"The clue train passed his station without stopping." - John Simmons / outlaw programmer "Real programmers just throw a bunch of 1s and 0s at the computer to see what sticks" - Pete O'Hanlon "Not only do you continue to babble nonsense, you can't even correctly remember the nonsense you babbled just minutes ago." - Rob Graham
-
I don't get it. Where's the horror?
-
But it's decompiled code. You can't expect the same structure that a human coder would produce. Humans code for readability and maintainability. Optimising compilers code for performance. Try looking at the assembler output from a C++ compiler sometime. You can't move for JMP, JNE and JNZ instructions...
-
But it's decompiled code. You can't expect the same structure that a human coder would produce. Humans code for readability and maintainability. Optimising compilers code for performance. Try looking at the assembler output from a C++ compiler sometime. You can't move for JMP, JNE and JNZ instructions...
-
Brady Kelly wrote:
It's still a horror.
Still don't see why. The compiler's just doing its job - optimising the code for speed or size as appropriate. It's not supposed to be read by humans, so it doesn't matter in the slightest that it doesn't conform to a human's idea of well-structured code.
-
I'm working on a decompiled version of a pre-compiled ASP.NET 2 web site. While the obscure names are to be expected, I'm not sdo sure that the original code didn't include horrors such as:
if (sQueryType == "NAME") { goto Label\_00AA; }[snip]
Label_00AA:
sQ = sQ + "[Name] LIKE '%" + sQuery + "%'";
goto Label_00EF;
[snip]
Label_00EF:
sE = "";
DataView dvSel = new DataView();
DataView dvNot = new DataView();
[the processing starts here]Sorry Brady, you FAIL. Set Reflector options not to optimize C#. Full of branches/goto's ! In fact you would barely be able to read the non-optimized C# from compilation.
xacc.ide - now with TabsToSpaces support
IronScheme - 1.0 alpha 4a out now (29 May 2008) -
Sorry Brady, you FAIL. Set Reflector options not to optimize C#. Full of branches/goto's ! In fact you would barely be able to read the non-optimized C# from compilation.
xacc.ide - now with TabsToSpaces support
IronScheme - 1.0 alpha 4a out now (29 May 2008)leppie wrote:
Sorry Brady, you FAIL. Set Reflector options not to optimize C#. Full of branches/goto's ! In fact you would barely be able to read the non-optimized C# from compilation.
So I must apply a setting that makes the output barely readable? ;P
-
leppie wrote:
Sorry Brady, you FAIL. Set Reflector options not to optimize C#. Full of branches/goto's ! In fact you would barely be able to read the non-optimized C# from compilation.
So I must apply a setting that makes the output barely readable? ;P
-
Not only that. Think of the SQL injection you could do...
-
There is way too much code like that, with direct SQL concats. I am only briefed to add two reports to the system, not secure it. Hell, if I were to decode all the decompiled code and use parametrised queries, I could probably buy a new car with the earnings.