The most popular Java code example on StackOverflow turned out to contain an error

The most popular Java code example posted on StackOverflow turned out to contain an error that produces an incorrect result under certain conditions. The code in question was posted in 2010, has accumulated over a thousand recommendations, has been copied into many projects, and appears in GitHub repositories about 7 thousand times. Notably, the error was found not by users copying the code into their projects, but by the original author of the advice.

The code in question converted a byte size into a human-readable form, for example turning 110592 into "110.6 kB" or "108.0 KiB". It was proposed as a logarithm-based optimization of earlier advice, in which the unit was determined by successively dividing the original value in a loop by 10^18, 10^15, 10^12, 10^9, 10^6, 10^3 and 10^0, as long as the divisor is greater than the original value in bytes. Due to sloppy calculations in the optimized version (long value overflow), the result of processing very large numbers (exabytes) did not correspond to reality.
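The loop-based approach described above can be written with integer arithmetic only, which keeps it correct up to Long.MAX_VALUE. This is an added example, not the StackOverflow answer's code or its author's fix; the class and method names are hypothetical, and it covers SI units only.

```java
import java.util.Locale;

public class ByteSizeFormat {  // hypothetical name, not from the original answer
    // Divisors 10^18 ... 10^0, largest first, with their SI unit labels.
    private static final long[] DIVISORS = {
        1_000_000_000_000_000_000L, 1_000_000_000_000_000L,
        1_000_000_000_000L, 1_000_000_000L, 1_000_000L, 1_000L, 1L
    };
    private static final String[] UNITS = {"EB", "PB", "TB", "GB", "MB", "kB", "B"};

    static String format(long bytes) {
        if (bytes < 0) {
            throw new IllegalArgumentException("negative size: " + bytes);
        }
        if (bytes < 1000) {
            return bytes + " B";           // no fractional part for plain bytes
        }
        // Skip every divisor that is greater than the value.
        int unit = 0;
        while (DIVISORS[unit] > bytes) {
            unit++;
        }
        // Work in tenths of the unit using long arithmetic only.
        long step = DIVISORS[unit] / 10;
        long tenths = bytes / step;
        long rem = bytes % step;
        // Round half up. "bytes + step / 2" would overflow near Long.MAX_VALUE,
        // so compare the remainder against the distance to the next tenth.
        if (rem >= step - rem) {
            tenths++;
        }
        // Rounding can carry into the next unit: 999950 is 1.0 MB, not 1000.0 kB.
        if (tenths >= 10_000 && unit > 0) {
            unit--;
            tenths = 10;
        }
        return String.format(Locale.ROOT, "%d.%d %s", tenths / 10, tenths % 10, UNITS[unit]);
    }

    public static void main(String[] args) {
        // Constructed sample inputs: the article's value, a rounding boundary, the largest long.
        for (long n : new long[] {110592L, 999_950L, Long.MAX_VALUE}) {
            System.out.println(n + " -> " + format(n));
        }
    }
}
```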

The author of the advice also tried to draw attention to the problem of copying examples without attributing the source and without specifying the license. According to earlier research, 46% of developers copied code from StackOverflow without attribution, 75% did not know that the code is distributed under a CC BY-SA license, and 67% did not know that this implies the need for attribution.

According to another study, copying code examples carries the risk not only of bugs in the code, but also of vulnerabilities. For example, after analyzing 72483 C++ code examples on StackOverflow, the researchers identified serious vulnerabilities in 69 examples (which is 0.09%) included in the list of the most popular recommendations. An analysis of the presence of this code on GitHub revealed that the vulnerable code copied from StackOverflow is present in 2859 projects.

Source: opennet.ru
