The Codex of Business Writing Software for Real-World Solutions 2.pptx
Why we didn't catch that application bugs
1. Catch Me If You Can
Customer Fund Bug Analysis
Liang Gao
2.
3. Analysis Customer Found Bug is Good
• Why we didn’t find it through our internal
testing
• What test case can be designed to catch that
• What kind of test strategy can cover that
• How can we make sure we can catch this kind
if bug from now on
4. Bug # 1, WebEx Bug:
• In Windows, if you share Adobe Acrobat (PDF)
files in landscape mode, they may display in
portrait mode
• In Mac, You can only connect to WebEx sessions
from behind a Microsoft ISA proxy server, in basic
mode, that has user authentication enabled.
• In Linux: you cannot clear just your own
annotations. When you clear annotations, all
annotations are removed.
5. Bug # 2 WebEx Bug:
• If Active X is disabled in Internet Explorer,
contacts cannot be imported from Microsoft
Outlook.
• In Mac, You can only connect to WebEx sessions
from behind a Microsoft ISA proxy server, in basic
mode, that has user authentication enabled.
• In Linux: you cannot clear just your own
annotations. When you clear annotations, all
annotations are removed.
6. Bug # 3 WebEx Bug:
• If a single occurrence of a recurring WebEx meeting is
either deleted or rescheduled, the meeting
information is not updated on the WebEx service site.
In the host and attendee's Outlook calendars,
however, the deleted or rescheduled meeting still
appears correctly.
• If a template used during Outlook integration has
"Mute on Entry" option enabled, you will still hear a
sound as attendees join the session.
• Attendee registration can not be enabled for recurring
WebEx meetings scheduled using Lotus Notes
Integration.
11. Bug 9: Google Doc Sharing Bug
We have two documents with one owner and two contributors each:
Document 1, contributors: A, B
Document 2, contributors: C, D
If I were to select both documents and make E a contributor,
this is what I would expect to happen:
Document 1, contributors: A, B, E
Document 2, contributors: C, D, E
This is what actually happened:
Document 1, contributors: A, B, C, D, E
Document 2, contributors: C, D, E
12. Bug 10: Google Doc Authentication
Bug
For Google Doc,
an image embedded into
a protected document is given a URL which is not protected
14. Bug 12: Boundary Testing Bugs
14
214-748-3647
Most popular
phone number
in US
Largest 32 bit
signed number
Store phone
number in a
signed 32 bits
and didn’t check
buffer overflow
15. Bug 13: Visa Credit Card Bug
Recently several Visa card holders were overcharged for certain purchases,
to the tune of $23,148,855,308,184,500.00 on a single charge.
The company says it was due to a programming error, and that the problem
has been corrected.
What is interesting is that the amount charged actually reveals the type of
programming error that caused the problem. 23,148,855,308,184,500.00 *
100 (I'm guessing this is how the number is actually stored) is
2314885530818450000. Convert 2314885530818450000 to hexadecimal,
and you end up with 20 20 20 20 20 20 12 50. Most C/C++ programmers see
the error now ... hex 20 is a space. So spaces were stuffed into a field where
binary zero should have been."
16. Bug 16: Cisco Bug
• Title: 在向某防火墙发送 version 字段为 0 的
IPv6 报文时,打开防火墙的 snoop ,会造
成防火墙重启 .
• How would you design test case?
• Why it was not caught internally
• What kind of test strategy can cover this?
17. Bug 17: Cisco Bug
• 处理 IPv6 分片 ICMP 大包 . 防火墙上结果是
未通过
• How would you design test case?
• Why it was not caught internally
• What kind of test strategy can cover this?
18. Bug 18: Cisco Bug
• 某网络安全代理产品:当访问已有代理的
Web 服务器时候访问不了
• How would you design test case?
• Why it was not caught internally
• What kind of test strategy can cover this?Content secure gateway
Proxy Web Server
19. Bug 19: Cisco Bug
• 配置了 65535 个 RP 和 1785 个 vlan 的 IP
地址后, wr ,死机,重新断电启动,
等待 10 分钟后仍然无法启动
• How would you design test case?
• Why it was not caught internally
• What kind of test strategy can cover this?
20. Bug 20: Cisco Bug
• 当使用 BGP PEER GROUP 时,当邻居
实际 AS 与配置的 AS 不同时,仍能建
立连接
26. Bug 27: 微软 Office 2003 权限
Bug• Cannot Open Office 2003 Documents
Protected with RMS
• Starting on December 11, 2009, customers
using Office 2003 will not be able to open
Office 2003 documents protected with the
Rights Management Service (RMS) or save
Office 2003 documents protected with
RMS. The following error message may be
displayed when attempting to Open RMS
Documents using Office 2003:
27. Bug 28: 微软手机 Bug
• Messages received after 1/1/2010 may be
dated as 2016
• Today's date 010110
• BCD 10 is 0001 0000 in binary, which is 16
in decimal.
• Bank of Queensland’s Eftpos terminals.
OQ’s Eftpos machines skipped ahead six
years when the clock ticked over to January
1 and started date stamping January 2016.
28. Bug 29: SpamAssassin Bug
• Messages received after 1/1/2010 are all
treated as Spam
• Promptly at the start of the new year, all
mails started getting an extra 3.4 points
based on FH_DATE_PAST_20XX:
header FH_DATE_PAST_20XX Date
=~ /20[1-9][0-9]/ [if-unset:
2006]
describe FH_DATE_PAST_20XX
The date is grossly in the
future.