LouisLouis19 / pe

0 stars 0 forks source link

No filter for quantity above INT_MAX #13

Open LouisLouis19 opened 3 years ago

LouisLouis19 commented 3 years ago

As a super rich user, I would like to add billions of billions of food to my fridge. I set the quantity to a very huge quantity from the save file. And this value is read as a string as it is above INT_MAX, and not filtered out properly. Preventing the program from starting all together, as it throws an exception Screenshot 2021-11-12 at 5.04.23 PM.png

Screenshot 2021-11-12 at 5.05.23 PM.png

nus-pe-script commented 3 years ago

Team's Response

Thanks for this bug report.

This bug has been accepted (as a duplicate) because it is a valid flaw.

However, I've downgraded the severity to low as most households, whom this product is targeted towards:

Hence, most users are unlikely to face this problem, and it wouldn't hinder normal usage in the slightest. Furthermore, if the user needed to make the value correct, they could change back the value. Hope you can accept this severity.

The 'Original' Bug

[The team marked this bug as a duplicate of the following bug]

Edit quantity from shop saved file prevent program from running (PROGRAM CANNOT RUN)

As seen below, I would like to buy a huge amount and a huge number in the saved shop is not filtered out properly. Program unable to start, exception thrown Screenshot 2021-11-12 at 5.15.49 PM.png

Screenshot 2021-11-12 at 5.17.07 PM.png


[original: nus-cs2113-AY2122S1/pe-interim#2898] [original labels: severity.High type.FunctionalityBug]

Their Response to the 'Original' Bug

[This is the team's response to the above 'original' bug]

Thanks for this bug report.

This bug has been accepted because it is a valid flaw.

However, I've downgraded the severity to low as most households, whom this product is targeted towards:

  • would not be editing their text file unless they knew how to use it.
  • would not be adding a quantity above trillions

Hence, most users are unlikely to face this problem, and it wouldn't hinder normal usage in the slightest. Furthermore, if the user needed to make the value correct, they could change back the value. Hope you can accept this severity.

Items for the Tester to Verify

:question: Issue duplicate status

Team chose to mark this issue as a duplicate of another issue (as explained in the Team's response above)

Reason for disagreement: [replace this with your explanation]


:question: Issue severity

Team chose [severity.Low] Originally [severity.High]

Reason for disagreement: Thank you for the response! I believe that this error is not only restricted to adding quantities above trillions, but any values above 2147483647 or below -2147483648 (an invalid quantity) will cause the program to crash at the start. It was unfortunate that I could not find the details about households as the product's targeted users in the user guide, which caused me to try out values which are more suited for multi-national companies instead.

Moreover, stating that target users would not be editing their text files is an understatement, as the files are for users to edit (Hence, why it is human editable). And stating a warning in the user guide not to tamper with files is still not an excuse for developers not to catch and filter any file-related errors, ie. data corruption.

This was further emphasized in detail by the prof in this issue: https://github.com/nus-cs2113-AY2122S1/forum/issues/144

I decided to mark this bug with high severity as it prevented users from starting the program at all even though the data stored in the text files are seemingly of a valid saving format. Hence, causing a major inconvenience to users.