search

denzelcjy / pe

0 stars 0 forks source link

Exception not caught when spending a huge expense #7

Open denzelcjy opened 1 year ago

denzelcjy commented 1 year ago

Steps to reproduce:

-create budget category called food and spending limit of $500 -key in expense add /c food /n burger /a 99999999999999999`

Expected: Expected the application to show that i have overspent my limit by a lot.

Actual: App exits with an uncaught exception with "count is negative"

Screenshots:

image.png

soc-se-bot commented 1 year ago

Team's Response

image.png

Under the tP PE Overview, this is considered as a extreme user behavior, which is caused by integer overflow.

Items for the Tester to Verify

:question: Issue response

Team chose [response.NotInScope]

Reason for disagreement: Hi, I would like to provide my counter argument for this issue:

Using the exact screenshot that you provided in your response,

image.png

I would like to argue that although it can be seen as a deliberate sabotage, there is no limit in your product as to how much or large the expense can be for the user. It is entirely possible for the user to key this numerical value by accident. In fact, even if not by accident, keying in value of 100 billion, which is attainable in the world today, is already throwing the error as shown in the screenshot below:

image.png

In such a case, following on the second paragraph, there should not be any harm caused, and in this case the app should not crash at all and become unusable (in my another issue which you flagged out as a duplicate, the app refuses to start at all after this happens), but it did.

This is only happening because the IllegalArgumentException is not being caught in your program.

As such, since the application is rendered unusable after such an action by the user, I will still stand by my case that this is a bug that is worthy of a Severity.High label, and should be accepted by the developers.

## :question: Issue severity Team chose [`severity.Medium`] Originally [`severity.High`] - [x] I disagree **Reason for disagreement:** Since the application crashes upon a possible input by the user and becomes unusable, I would argue that this bug should be a severity.High issue, following the guidelines in the screenshot below: ![image.png](https://raw.githubusercontent.com/denzelcjy/pe/main/files/4933789a-c0d3-42e2-b5be-3b258be40e57.png)