Subscribe to this list via RSS Blog posts tagged in General Software Development

Posted by on in Blogs
Microsoft Patches VS 2005 Security Hole On 2 November of this year I linked a report of a remote code execution security hole in Visual Studio 2005 which is being actively exploited. Today, Microsoft released an update to fix the problem. If you're running VS 2005, you should update immediately. Microsoft also released patches for IE and Media Player today....

Posted by on in Blogs
On Unit Testing and Type Safety In the midst of an overall-interesting post on Functional Programming Languages and Silver Bullets, Larry O'Brien makes an interesting observation: For instance, right now there's a huge debate about explicit typing. Is it helpful or not to declare that a variable is an integer? Meanwhile, there's not a huge debate about the value of unit-testing. That is, everyone agrees that it's helpful to declare that a variable always be greater than 0 and less than, say, 2^32. Is the irony not clear? Unit-...

Posted by on in Blogs
New Features in StarTeam 2006 Borland has released StarTeam 2006, and a detailed list of its new features. Here's a bird's-eye view, with some editorial comments from me. Atomic checkins: This is a big deal, although it is a bit of an "about time, really" feature. It was conspicuous by its absence in past versions. 4 GB file support: Nice, although I have no personal need for it. VMWare support: Again, nice to have. New merge/compare tool: Finally! MPX in Enterprise: This was an Enterprise Advantage feature now available to...

Posted by on in Blogs
Is Apple QuickTime Malware? Against my better judgment, I've installed QuickTime on my computer so that I can view the few movies on the web which use one of Apple's proprietary formats. I say "against my better judgment" because QuickTime seems to be full of security holes (routinely downplayed by Apple) and ill-conceived and dangerous "features." While Apple does seem to eventually fix these problems, even when they won't admit the seriousness of them, the way they distribute patches ranges from dysfunctional to outright...

Posted by on in Blogs
Integrating DUnit and FinalBuilder I've just added unit test execution to our automated builds. Nothing too hard, there, but there are a couple of things I had to look up. First, DUnit doesn't have a command-line switch for console vs. GUI mode; you have to use a compiler directive. So I had to add CONSOLE_TESTRUNNER to the compiler directives in the automated build. I used the Execute Program action in FinalBuilder to run the tests, set to fail if the exit code is not equal to 0. But then I found that by default DUnit doesn't ch...

Posted by on in Blogs
Bulk Checkout StarTeam 2005 introduced a bco (Bulk CheckOut) utility which is useful when you need to check out a large number of files at once; it's 2-3 times faster than the non-"bulk" version. I'm not sure why they made it a separate utility, but the command-line syntax is very similar. I was able to shave a full minute off of our automated build process by substituting a call to this tool in lieu of the regular FinalBuilder StarTeam checkout action....

Posted by on in Blogs
The "C is Efficient" Language Fallacy Here's an interesting post from Mark C. Chu-Carroll on one area where C and C++ compilers don't do so well: alias detection. He notes a case where interpreted OCaml is faster than compiled C (and even faster when the OCaml is fully compiled). Why? Well, due to language syntax, the OCaml environment can easily tell that two array references must be completely distinct, whereas the C compiler cannot. The OCaml environment can make certain optimizations and parallelizations which are only possible ...
Remote Code Execution Vulnerability in Visual Studio 2005 If you use Visual Studio 2005 you might want to read this article about a serious security problem in the WMI Object Broker ActiveX control installed by VS.NET 2005. An exploit has been in the wild since August. The Microsoft advisory on this goes to some pains to list configurations which aren't affected by the problem, but is somewhat less complete in stating which configurations are at risk. From reading the MS report it looks to me like if you have not installed IE 7 or are not running Serve...

Posted by on in Blogs
C++/CLI and Compact Framework (or the lack thereof) Here's something I didn't know: C++/CLI provides no support for Compact Framework....

Posted by on in Blogs
On "First Class" Languages for .NET Steve Teixeira explains the strategy for Microsoft C++ products and gets dinged in comments with requests to "make VC 8 be a genuine first-class language instead of a second-class one that is useful only as communications tool to a first-class language (C# or VB)." He later responds, "On the VC++ team, we're more interested in enabling development scenarios that are important to our customers than trying to meet some arbitrary bar for being a 'first class' .NET language." Of course many people s...

Check out more tips and tricks in this development video: