Path: csiph.com!newsfeed.hal-mli.net!feeder3.hal-mli.net!newsfeed.hal-mli.net!feeder1.hal-mli.net!news.tele.dk!feed118.news.tele.dk!news.tele.dk!small.news.tele.dk!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.004 X-Spam-Evidence: '*H*': 0.99; '*S*': 0.00; 'python.': 0.02; 'languages,': 0.04; 'syntax': 0.04; 'received:134': 0.05; 'duplicate': 0.07; 'if,': 0.09; 'terminated': 0.09; 'python': 0.11; 'bug': 0.12; 'language.': 0.14; "wouldn't": 0.14; 'block.': 0.16; 'braces': 0.16; 'unlikely': 0.16; 'followed': 0.16; 'language': 0.16; 'looked': 0.18; 'stefan': 0.19; 'example': 0.22; 'programming': 0.22; 'putting': 0.22; 'header:User-Agent:1': 0.23; 'compilation': 0.24; 'url:02': 0.24; "haven't": 0.24; 'mention': 0.26; 'second': 0.26; 'header:In-Reply-To:1': 0.27; 'function': 0.29; "doesn't": 0.30; 'statement': 0.30; 'code': 0.31; 'accidentally': 0.31; 'block,': 0.31; 'indentation': 0.31; 'probably': 0.32; 'quite': 0.32; 'trouble': 0.34; 'subject:the': 0.34; 'problem': 0.35; 'but': 0.35; 'doubt': 0.36; 'url:org': 0.36; 'error.': 0.37; 'half': 0.37; 'list': 0.37; 'easily': 0.37; 'being': 0.38; 'skip:& 10': 0.38; 'to:addr:python-list': 0.38; 'recent': 0.39; 'to:addr:python.org': 0.39; 'either': 0.39; 'simple': 0.61; 'first': 0.61; 'such': 0.63; 'due': 0.66; 'between': 0.67; 'legal': 0.71; 'obvious': 0.74; 'article': 0.77; 'goto': 0.84; 'pardon': 0.84; 'url:2014': 0.84; 'stood': 0.93 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ap8EAAiyFVOGuA9G/2dsb2JhbABag0HBRIE2gxoBAQR4EQsOExYPCQMCAQIBRQYNCAKHdQ3GKIYFEwSOWIQ4BJg8hjOLeIMu Date: Tue, 04 Mar 2014 12:02:33 +0100 From: Antoon Pardon User-Agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131103 Icedove/17.0.10 MIME-Version: 1.0 To: Pyton List Subject: Re: why indentation should be part of the syntax References: <531480DD.5040204@rece.vub.ac.be> In-Reply-To: <531480DD.5040204@rece.vub.ac.be> X-Forwarded-Message-Id: <531480DD.5040204@rece.vub.ac.be> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 53 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1393930956 news.xs4all.nl 2871 [2001:888:2000:d::a6]:57773 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:67659 Op 02-03-14 11:41, Stefan Behnel schreef: > Haven't seen any mention of it on this list yet, but since it's such an > obvious flaw in quite a number of programming languages, here's a good > article on the recent security bug in iOS, which was due to accidentally > duplicated code not actually being as indented as it looked: > > https://www.imperialviolet.org/2014/02/22/applebug.html > > Stefan > Well I can give an example where accidentally duplicated code can get you in trouble with python and which would be easily caught in C. If you accidentally duplicate the first half of a function. Chances are python will just accept it, because it is unlikely the last line that was duplicated was an if, for or while line. So your half duplicated function is probably legal python. However it is very unlikely that the braces will match so you will very likely get a compilation error. IMO the problem with C, is not that indentation is not part of the language. The problem is that after an if, for or while, you get the choice between putting either one simple statement or a block. I doubt you would get this problem in a language like modula2 where an if, for or while statement is always followed by a block, terminated with "END". So with modula like syntax the code would have looked like IF (err := SSLHashSHA1.update(&hashCtx, &signedParams)) != 0 THEN goto fail; goto fail; END which wouldn't have been a problem Or it might have looked like this IF (err := SSLHashSHA1.update(&hashCtx, &signedParams)) != 0 THEN goto fail; END goto fail; This would have produced the same problem but it would also have stood out because the second goto is indented in a place where it is obvious it doesn't match the program structure. -- Antoon Pardon