Parsing Markdown with regexes and MD5 (:wtf:) is seriously hilarious
-
Input:
**_*\**)**
Output: _*)What the actual fuck kind of parsing is this? I am seriously laughing out loud at my desk. It's absolutely the most ridiculous parsing system I've ever heard of.
N.B.: I think I've golfed it as much as possible. Let me know if you can do better, though.
-
Did you say you wanted to have lots of hex?
-
Those bugs still exist?!
-
They will as long as they use regexes to parse Markdown and MD5 hashes to "escape" special markdown characters.
Once you know that's what's happening behind the scenes it's pretty easy to see how this is completely and infinitely fallible.
-
Wasn't this a feature that was supposed to calculate the MD5 of a given text but it doesn't work and/or conflicts with the other markdown?
The MD5 ends up being a substring of the hash of
*
:3389dae361af79b04c9c8e7057f60cc6
-
Ah, so that's it. I figured it looked a tad short for MD5. Guess I should have counted :P
-
Once you
know that's what's happening behind the sceneshave used Discourse for more than 26 seconds it's pretty easy to see how this is completely and infinitely fallible.
-
MD5 hashes to "escape" special markdown characters.
Ah...what....???... ..... why..... .....
-
@rc4 said:
MD5 hashes to "escape" special markdown characters.
Ah...what....???... ..... why..... .....
No, discourse.
-
Here's the underscore version, because of course there is one:
*_)
__*_\__)__
-
# Within tags, encode * and _ so they don't conflict
# with their use in Markdown for italics and strong.`
# We're replacing each such character with its
# corresponding MD5 checksum value; this is likely
# overkill, but it should prevent us from colliding
# with the escape values by accident.Quote from source.
Yeah.
This is https://www.youtube.com/watch?v=UMnT4tp-cMk TR.
-
Just like the old
***\****
version that was "fixed" (the character limit won't let me put enough sneer quotes around fixed), this one also eats text.*_) I tried making a strong text joke before remembering that property of this bug.
__*_\__)__ I tried making a strong text joke before remembering that property of this bug.
-
That is one of the stupidest things I've ever read...I wrote a BBCode parser out of boredom when I was in college and barely knew TI-BASIC, and I just removed all the "escaped" things from the text and kept an index around so I could re-insert them when I was done. And it Just Worked, with no found edge cases. Why do developers keep writing these hemorrhaging tumors of malignant bugs?
I'd love to see these jokers
designbuildhack togethera car. Changing the oil would probably require using a garden hose to overflow the crankcase and flush all the oil out the valve cover instead of draining it, then doing the same thing with oil to flush all the water out, then tipping the car upside-down to drain out the excess oil until it's at the right level.
Filed Under: (We haven't had a bad car analogy in too long)[], (I apparently forgot how to make fake links in MarkdoBBMLsco *_)&nmsp;MD5)[]
-
Car analogies are the Cadillac of analogies.
-
I'd love to see these jokers
designbuildhack togethera car. Changing the oil would probably require using a garden hose to overflow the crankcase and flush all the oil out the valve cover instead of draining it, then doing the same thing with oil to flush all the water out, then tipping the car upside-down to drain out the excess oil until it's at the right level.If they made a car you wouldn't need to change the oil because the discomobile would use any. After all, oil is a to motoring .
-
I apparently forgot how to make fake links
-
Why not just leave the parens empty? Nobody will notice the missing underline...
EDIT: Also WTF why doesn't this one get underlined? https://what.thedailywtf.com/t/we-need-the-power-mode-for-discourse/53025
-
-
Basically Markdown is just terrible awful shit. So it was the obvious choice for Discourse.
: Let's take something that's just terrible and mix other parsers into it so that it's even worse and they're all terrible too!
-
# Within tags, encode * and _ so they don't conflict
# with their use in Markdown for italics and strong.
# We're replacing each such character with its
# corresponding MD5 checksum value; this is likely
# overkill, but it should prevent us from colliding
# with the escape values by accident.It reads like poetry. Jeff Atwood-Mother-Theresa-of-online-discourse has another gift.
-
Basically Markdown is just terrible awful shit.
No, Markdown was just terrible. It took the genuis of tw@wood to make it truly discoworthy.
-
I like Markdown.
-
No, Markdown was just terrible.
Well, that was kind of my point. Markdown is terrible. I just remebered the whole CommonMark fiasco. That was a compicated situation:
- on one hand, it pissed off John Gruber, so that's a nice bonus.
- on the other hand, it's a initiative, so it's fucked from the get-go.
- on the other other hand, goddamn it, Markdown is still fucking terrible.
-
# Within tags, encode * and _ so they don't conflict
# with their use in Markdown for italics and strong.`
# We're replacing each such character with its
# corresponding MD5 checksum value; this is likely
# overkill, but it should prevent us from colliding
# with the escape values by accident.Quote from source.
I think my head just exploded. How does someone even think of this retarded fuckery?
-
http://www.redditblog.com/2009/09/we-had-some-bugs-and-it-hurt-us.html?m=1
The second bug was also in the markdown library. To prevent double escaping of certain characters, they are run through MD5 after being escaped once, and then the MD5 is undone at the end ...
> To fix the second, we added a salt for the MD5, so that it would not be predictable.http://www.theprospect.net/wp-content/uploads/2013/08/headdesk1.gif
Filed under: Why are there so few animated head-desks on the internets?, Also, GIFs don't onebox.
-
-
Wow, that's creepy...
-
Tell me about it...
-
: Blue, of course!
-
-
-
-
-
-
-
Nope...
Also acceptable: "Clown Vomit"
The blood of our enemies isn't a color. It has a color, but it itself isn't a color.
-
The blood of our enemies isn't a color. It has a color, but it itself isn't a color.
I used to think that about mustard.
-
Your enemies bleed mustard? Are your enemies hot dogs?
-
No, my mustard bleeds. You get this liquid that separates out and you have to shake it up. Yuck.
-
Your mustard is weak!
-
Yes, it very rarely fights back.
-
It's not the same! You could say "the color of mustard", or "mustard yellow", or "#FFDB58", or just "Mustard" if you want to be concise, since "Mustard" is a color. "The blood of our enemies" is, by itself, not a color.
-
or just "Mustard" if you want to be concise, since "Mustard" is a color
TDIL
Go pick up a fancy box of crayons and be amazed at the color names.
-
Go pick up a fancy box of crayons and be amazed at the color names.
If I find one in the color "The Blood of our Enemies", you'll be the first to know.
-
"Ooh, boomzilla gray!"
-
-
I was using "boomzilla" as an adjective to describe "gray." I wasn't using it as a verb (i.e. boomzilla is gray) nor was I using it as a possessive noun (e.g. "boomzilla's custom, very own, handy-dandy shade of gray!")
Also, LOL at "boomzilla's gay"
Lastly, piss off limey.
-
-
-
@codinghorror what color are the robes that Discourse cultists wear?
It depends on the temperature, they are obviously cold-mapped.