Needless to say that all of the above required reading a LOT of specifications (mostly RFCs). I think I should have compiled a "highlights of WTF-RFC" way back when I first came across something like that. But today I saw one again and I'd like to share it as an example. Recent implementation ideas drifted towards a graphics library and I started with the GIF format decoding. The specs are available here: http://www.w3.org/Graphics/GIF/spec-gif89a.txt
...and right there, chapter 20 (page 13) is a little gem. I quote:
"Values: 0 - Local Color Table is not present. Use Global Color Table if available."
Innocent enough when you just read it. But try to put that into code... it leaves an empty code path:
if (hasLocalTable) { UseLocalTable(); } else { if (hasGlobalTable) UseGlobalTable(); else ????!!!! }
And let me tell you, the specs of our beloved internet are FULL of these omissions that let programmers create loopy implementations left and right. DON'T you ever curse any one company or project team anymore! Sometimes there are "undefined" situations in the specs and god knows how the software is going to react then.
Why am I so upset? Because I want to write a STABLE implementation. That means that I check every possible misuse of parameters and values inside the files that I read. There have been numerous attacks through wonky image decoders in web browsers dating back to the mid-90's with an animated GIF that would nuke your Netscape Navigator... including countdown :D
So: While a VALID GIF will have either local or global color table, a crafted, malicious one might not. My code is going to "throw" up a matching error... but what does other code do?