All your base, are belong to us!
February 4th, 2009
I was given a task to fix up the “Authentication and Authorization” component in one of the flagship products for the Company I work for. It's a Java (J2EE) Web Application that has gone through several versions over a period of about 5 years.
To my surprise, I came across this piece of code in the Authenticate Servlet and couldn’t help but share the snippet.
    /**
     * @author Ian , updated by Adam
     */
    public class Authenticate extends HttpServlet {
        protected void doPost(HttpServletRequest request, HttpServletResponse response)
                throws ServletException, IOException {
            ...
            if (!init(username, response))
                return;
            ...
        }

        boolean init(String username, HttpServletResponse r) {
            if (username.equals("pustulio")) {
                try {
                    r.getOutputStream().print("all your base, are belong to us!");
                }
                catch (Exception e) {
                }
                return false;
            }
            return true;
        }
    }
That's just the tip of the iceberg. The try, catch logic, everywhere, catches thrown Exception instances and does absolutely nothing about them.
I will pay anyone $50 if they can tell me the whereabouts of these meatheads, “@author Ian , updated by Adam”.
Regards,
-Alen
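Added example, not part of the original post or the product's code: a heuristic Python scan for the two patterns in the snippet above, a catch block with an empty body and a username compared against a string literal. The rule names, the list of identity-like variable names and the sample input (constructed from the snippet in the post) are assumptions; a regex scan like this is a review aid, not a Java parser.

```python
import re

# Constructed sample: the servlet's init() as shown in the post.
SAMPLE = '''\
boolean init(String username, HttpServletResponse r ) {
    if(username.equals("pustulio")) {
        try {
            r.getOutputStream().print("all your base, are belong to us!");
        }
        catch (Exception e) {
        }
        return false;
    }
    return true;
}
'''

# A catch clause whose body holds only whitespace: the exception is swallowed.
EMPTY_CATCH = re.compile(r'catch\s*\(\s*([\w.|\s]+?)\s+\w+\s*\)\s*\{\s*\}')

# Assumed list of identity-like variable names worth flagging in auth code.
IDENT = r'(?:user(?:name)?|login|principal|account)\w*'
# Identity variable compared with a string literal, in either operand order.
HARDCODED_ID = re.compile(
    r'\b(' + IDENT + r')\s*\.\s*equals(?:IgnoreCase)?\s*\(\s*"([^"\\]*)"\s*\)'
    r'|"([^"\\]*)"\s*\.\s*equals(?:IgnoreCase)?\s*\(\s*(' + IDENT + r')\s*\)',
    re.IGNORECASE)

def line_of(src, offset):
    """1-based line number of a character offset in src."""
    return src.count('\n', 0, offset) + 1

def audit(src):
    """Return sorted (line, rule, detail) findings for Java source text."""
    findings = []
    for m in EMPTY_CATCH.finditer(src):
        findings.append((line_of(src, m.start()), 'empty-catch', m.group(1)))
    for m in HARDCODED_ID.finditer(src):
        literal = m.group(2) if m.group(2) is not None else m.group(3)
        findings.append((line_of(src, m.start()), 'hardcoded-identity', literal))
    return sorted(findings)

if __name__ == '__main__':
    for line, rule, detail in audit(SAMPLE):
        print(f'line {line}: {rule}: {detail}')
```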