Skip to main content

Test what you think of and even what you don't!

Posted by bdudney on June 3, 2004 at 5:19 AM PDT

The other day I was taking with my friend Kent who works for Agitar Software, a vendor of a really cool unit test automation tool called Agitator, and he was saying that they found an interesting bug for one of their clients using the tool.

Have you ever searched google for a way to replace a regular expression with another string in Java? I did with this search and found some interesting results (you will see how Kent fits in just bit so hang on).

The first hit (at least when I searched) takes you to the great site Java Almanac and a piece of code that seems to fit the bill.

    static String replace(String str, String pattern, String replace) {
        int s = 0;
        int e = 0;
        StringBuffer result = new StringBuffer();
        while ((e = str.indexOf(pattern, s)) >= 0) {
            result.append(str.substring(s, e));
            s = e+pattern.length();
        return result.toString();

Now comes the interesting part. This code has a serious bug in it and its not all together obvious when you first grab it. And besides its on the Java Almanac, it must have been tested a thousand time right!

To see the bug in action try this test

     replace("Original String", "", "pattern");

Unlikely that you actually type code in like that but who knows what might happen when the parameters that are passed are values in your program. These could be parameters from a user that forgot to type in the pattern or some other such thing.

The really interesting thing is that the method never returns. This code will go into an infinite loop because the indexOf will always return zero for the empty string.

That is where Kent comes back into the picture. A few weeks back he was called in to assist some of their clients with some problems they were having with their applications. Kent went to help them apply the Agitator to their apps to see if they could nail down the bugs. Come to finde out of the four clients Kent visited everyone of them had coppied and pasted this very code into their applications. This infinite loop was at least part of the problem.

There are a couple of lessons to learn here. One you should always test the code you down load from the net. The people who post code are just that, people. They make mistakes and sometimes what they post is broken. The second thing is test what you think of and also what you don't think of. The bug in the string replace code is non-obvious and in most cases I doubt I would have recognized the bug right off hand if Kent had not pointed it out. If it had been me that copied this code I would have very likely tested for passing in null for the pattern and/or replace string but probably not for the empty string. That is where tools like Kent's Agitator come in very handy they help you to see the stuff you did not think of.

Happy Coding, and make sure to test everything!

BTW: I tried to send email to the Almanac but there was no contact info on the site that I could find. If you know how to contact them please post it in a comment!