Defaults Can Sink You
TL;DR: Treat unknown responses as unauthorized, not as valid.
ProblemsToday is computer security day and every programmer needs to acknowledge its responsibility.
\ Imagine an application handling sales that relies on response pools from credit card processors to handle transactions.
\ Each credit card processor provides predefined response codes for various situations, such as insufficient balance or expired cards.
\ The issue begins when a processor adds a new response code for denied transactions but doesn't notify the platform.
\ The application doesn't recognize the new code, defaults to treating it as "not found," and authorizes the purchase.
\ Users notice this flaw and exploit it to make unauthorized purchases.
\ The platform's revenue plummets, leading to bankruptcy.
Sample Code Wrong String response = paymentProcessor.authorize(cardDetails); switch (response) { case "DECLINED_INSUFFICIENT_FUNDS": // Handle insufficient funds break; case "DECLINED_EXPIRED_CARD": // Handle expired card break; default: // Authorize purchase break; } Right String response = paymentProcessor.authorize(cardDetails); switch (response) { case "APPROVED": // Authorize purchase break; case "DECLINED_INSUFFICIENT_FUNDS": // Handle insufficient funds break; case "DECLINED_EXPIRED_CARD": // Handle expired card break; case "DECLINED_NEW_REASON": // Handle new declined reason break; default: // Reject purchase (default case for unknown responses) break; } DetectionYou can detect this smell by reviewing error-handling logic.
\ Check if the system logs and denies unrecognized cases.
\ Automated tests can help identify if new or unexpected inputs default to valid actions.
\ Static analysis tools can help by flagging potentially incomplete error handling.
TagsIt's critical to maintain a one-to-one correspondence between your application's internal representation of payment processor responses and the actual codes returned by the processor.
\ When you break the Bijection, you create a mismatch.
\ The application interprets unknown codes incorrectly, leading to unexpected behavior, security holes, and potentially disastrous business consequences.
AI GenerationAI tools can create this smell if you don't specify how to handle unknown cases.
\ For example, generic error handling might default to benign outcomes like "not found" or "success."
AI DetectionAI generators can fix this smell when you instruct them to treat unknown cases as unauthorized and emphasize logging and testing unexpected scenarios.
Try Them!Remember: AI Assistants make lots of mistakes
| Without Proper Instructions | With Specific Instructions | |----|----| | ChatGPT | ChatGPT | | Claude | Claude | | Perplexity | Perplexity | | Copilot | Copilot | | Gemini | Gemini |
ConclusionAlways handle unknown cases cautiously.
\ Defaults like "not found" can lead to severe security issues and financial losses.
\ Make logging and denying unknown responses part of your development practices.
\ Make shift-left decisions related to security while programming.
Relationshttps://hackernoon.com/how-to-find-the-stinky-parts-of-your-code-part-xxii
https://hackernoon.com/how-to-find-the-stinky-parts-of-your-code-part-viii-8mn3352
DisclaimerCode Smells are my opinion.
CreditsPhoto by Nathana Rebouças on Unsplash
https://www.youtube.com/watch?v=J2QOejhA6ek
Assumptions are the mother of all failures.
Said Ouissal
Software Engineering Great Quotes
This article is part of the CodeSmell Series.
All Rights Reserved. Copyright , Central Coast Communications, Inc.