Hacker News

Favorites Setup
Comment by tpoacher | original | The Underhanded C Contest
[−]tpoacher · 2026-07-02 Thu 08:11 UTC · link
My favourite entry was the "leaky redaction" one, which created a "redacted" version of an image in the text-based ppm image format, but in such a manner that most of the redacted information could be restored directly from the file.

The trick was to redact by converting characters to zeroes, as opposed to words. So "8" would become "0", but "256" would become "000" rather than "0". In a black and white text document, distinguishing between "0" and "000" effectively faithfully recreates the original document! But even in color pictures, it was very interesting to see how much information is still retained going from 256bits per channel down to just 3.

The method was underhanded in that the code at that section was written in a seemingly very sensible manner, enough to convince an astute auditor that this was an honest and defensible bug.