What's the funniest code we can think of?

mybearworld

gosoccerboy5 wrote:
(#1420)
I wish we had a forum nerd emoji

Vaibhs11 wrote:
(#1419)
if 1:

That's better.
[offtopic]why do people always use [code=python] instead of [code py3]? it actually has correct syntax highlighting![/offtopic]

Last edited by mybearworld (Sept. 21, 2022 14:50:43)

Maximouse

Chiroyce wrote:
DifferentDance8 wrote:
mybearworld wrote:
the worst part of this is that a variable is named “bool”
import os
def print(something):
    os.system(f"echo {something}")
print("mybearworld")
your code is vulnerable to code injection, if i run the below, all your files are gone forever
print("'bye bye lol'; rm -rf ~/*")
use the subprocess module instead
from subprocess import run
def print(something):
	run(["echo", something])
print("mybearworld")

This is still vulnerable – an attacker can put a file named “echo” in the working directory. Using an absolute path is safer:

run(["/usr/bin/echo", something])

mybearworld

Maximouse wrote:
(#1422)
Chiroyce wrote:
DifferentDance8 wrote:
mybearworld wrote:
the worst part of this is that a variable is named “bool”
import os
def print(something):
    os.system(f"echo {something}")
print("mybearworld")
your code is vulnerable to code injection, if i run the below, all your files are gone forever
print("'bye bye lol'; rm -rf ~/*")
use the subprocess module instead
from subprocess import run
def print(something):
	run(["echo", something])
print("mybearworld")
This is still vulnerable – an attacker can put a file named “echo” in the working directory. Using an absolute path is safer:
run(["/usr/bin/echo", something])

This is still vulnerable – an attacker can put a file named “subprocess.py” in the working directory. Not doing it like that is safer:

print(something)

Last edited by mybearworld (Sept. 21, 2022 15:51:35)

CST1229

mybearworld wrote:
(#1423)
Maximouse wrote:
(#1422)
Chiroyce wrote:
DifferentDance8 wrote:
mybearworld wrote:
the worst part of this is that a variable is named “bool”
import os
def print(something):
    os.system(f"echo {something}")
print("mybearworld")
your code is vulnerable to code injection, if i run the below, all your files are gone forever
print("'bye bye lol'; rm -rf ~/*")
use the subprocess module instead
from subprocess import run
def print(something):
	run(["echo", something])
print("mybearworld")
This is still vulnerable – an attacker can put a file named “echo” in the working directory. Using an absolute path is safer:
run(["/usr/bin/echo", something])
This is still vulnerable – an attacker can put a file named “subprocess.py” in the working directory. Not doing it like that is safer:
print(something)

But then it loses all its funniness!

Vaibhs11

gosoccerboy5 wrote:
I wish we had a forum nerd emoji

cough cough ahem lets get back to topic shall we

Chiroyce

Maximouse wrote:
This is still vulnerable – an attacker can put a file named “echo” in the working directory. Using an absolute path is safer:

Ah I said that because in case the print function takes user input it would be a problem. Also what mybearworld makes sense, if you anyways have access to the filesystem then this is pointless and my point still stands.

also i think i posted this before but this is still funny lol

try {
    throw "ball";
} catch (ball) {
    console.log("I caught a " + ball);
}

no template strings as djangobb formatter doesnt support it

Last edited by Chiroyce (Sept. 21, 2022 16:13:14)

mybearworld

Chiroyce wrote:
(#1426)
Maximouse wrote:
This is still vulnerable – an attacker can put a file named “echo” in the working directory. Using an absolute path is safer:
Ah I said that because in case the print function takes user input it would be a problem. Also what mybearworld makes sense, if you anyways have access to the filesystem then this is pointless and my point still stands.

also i think i posted this before but this is still funny lol
try {
    throw "ball";
} catch (ball) {
    console.log("I caught a " + ball);
}
no template strings as djangobb formatter doesnt support it

Such bad exception handling!
This is how it's supposed to be:

try {
    throw Math.random() <= 0.5 ? "ball" : Error();
} catch (ball) {
    console.log("I caught " + (String(ball).toLowerCase().startsWith("a") || String(ball).toLowerCase().startsWith("e") || String(ball).toLowerCase().startsWith("i") || String(ball).toLowerCase().startsWith("o") || String(ball).toLowerCase().startsWith("u") ? "an" : "a") + " " + ball);
}

gosoccerboy5

mybearworld wrote:
gosoccerboy5 wrote:
(#1420)
I wish we had a forum nerd emoji

yes ik about forumoji but who the * wants to use that every time they want an emoji lmao

mybearworld wrote:
[offtopic]why do people always use [code=python] instead of [code py3]? it actually has correct syntax highlighting![/offtopic]

my reaction to this:

gosoccerboy5

also, `exec` and `input` are safe together right?

exec(input("What code you want to run today?"))

should be fine right?

mybearworld

gosoccerboy5 wrote:
yes ik about forumoji but who the * wants to use that every time they want an emoji lmao

yeahh

who would do that

seriously

how come people actually do that

mybearworld

gosoccerboy5 wrote:
(#1429)
also, `exec` and `input` are safe together right?
exec(input("What code you want to run today?"))
should be fine right?

Yes of course! Noone would input anything like __import__(“os”).system(“rem whatever the code for deleting everything is”)!

edit: fixed py to py3

Last edited by mybearworld (Sept. 21, 2022 18:15:37)

NanoRook

mybearworld wrote:
Chiroyce wrote:
(#1426)
Maximouse wrote:
This is still vulnerable – an attacker can put a file named “echo” in the working directory. Using an absolute path is safer:
Ah I said that because in case the print function takes user input it would be a problem. Also what mybearworld makes sense, if you anyways have access to the filesystem then this is pointless and my point still stands.

also i think i posted this before but this is still funny lol
try {
    throw "ball";
} catch (ball) {
    console.log("I caught a " + ball);
}
no template strings as djangobb formatter doesnt support it
Such bad exception handling!
This is how it's supposed to be:
try {
    throw Math.random() <= 0.5 ? "ball" : Error();
} catch (ball) {
    console.log("I caught " + (String(ball).toLowerCase().startsWith("a") || String(ball).toLowerCase().startsWith("e") || String(ball).toLowerCase().startsWith("i") || String(ball).toLowerCase().startsWith("o") || String(ball).toLowerCase().startsWith("u") ? "an" : "a") + " " + ball);
}

least boilerplate filled java code

Maximouse

mybearworld wrote:
Maximouse wrote:
This is still vulnerable – an attacker can put a file named “echo” in the working directory. Using an absolute path is safer:
run(["/usr/bin/echo", something])
This is still vulnerable – an attacker can put a file named “subprocess.py” in the working directory. Not doing it like that is safer:
print(something)

Python imports modules from the directory where the script is located, not the current directory.

mybearworld

NanoRook wrote:
least boilerplate filled java code

least boilerplate filled java code

DifferentDance8

int main()
{
    // statistically proven to be random
    int x;
    std::cout << x << '\n'
    return 0;
}

ajskateboarder

Silly code that actually works

def main(): {
    print("Hello world")
}
if __name__ == "__main__":
    main()

This is also some useless code:

pass; import sys; import os; from win32con import TRUE; print;(1);Warning;();'a\a';rnd=exec.__eq__(repr);''.__format__('');pass;xy=['1', 2, 't{}'.format('he. what')], property.__format__;sys.__dict__;x=1;print('...', end='{}'.format(''.format('\n...')));'//._.\\';y="""
what is actually going on!""";print(x);del sys; sys='what i just deleted sys'; print(sys); 'lmao nothing gets printed anymore'; sys.replace('\n\n\n', f'{bool.__class__}'.format(True)); print(str(xy).replace('(', '').replace(')', '')
.replace(", <method '__format__' of 'object' objects>", '').replace("'", '').replace('[', '').replace(']', '').split(' ')[2], str(xy).replace('(', '').replace(')', '').replace(", <method '__format__' of 'object' objects>", '').replace("'", '')
.replace('[', '').replace(']', '').split(' ')[3]); os.chdir(os.getcwd()); del x; x = 1;pass;pass;pass;pass;pass;

PkmnQ

mybearworld

PkmnQ wrote:
(#1437)

Parenthetic?

TheSecondGilbert

PkmnQ wrote:

Email addresses can be valid expressions in python, it just takes a bit of preparation.

class Before:
    def __init__(self):
        self.smith = After()
        self.com = After()
class After:
    def __matmul__(self,other):
        return "Python email address"
john = Before()
example = Before()
print(john.smith@example.com)

It could be “better”:

class Name(list):
    def __init__(self, name):
        super().__init__(name.split("."))
    def __getattr__(self, name):
        self.append(name)
        return self
    def __str__(self):
        return ".".join(iter(self))
    def __repr__(self):
        return f"Name({str(self)!r})"
    def __matmul__(self, domain):
        return Email(self, domain)
class Email(tuple):
    def __new__(self, name, domain):
        return super().__new__(Email, (name, domain))
    def __str__(self):
        return f"{self[0]}@{self[1]}"
    def __repr__(self):
        return f"Email{super().__repr__()}"
john = Name("john")
example = Name("example")
email = john.smith@example.com
print(email)
print(repr(email))

BreadcatGames

theonlygusti wrote:

This one is from C++, another macro:

#include <iostream>
#define System S s;s
#define public
#define static
#define void int
#define main(x) main()
struct F{void println(char* s){std::cout << s << std::endl;}};
struct S{F out;};
/* this guy's a genius... */
public static void main(String[] args) {
  System.out.println("Hello World!");
}

That’s actually genius

Discuss Scratch