Off-by-one Error on Scorpion

Scorpion is a show about a group of geniuses that repeatedly prevent catastrophes with science and math knowledge. Exaggerating the science to advance the plot seems standard for TV, but I was amused by an off-by-one error in a recent episode.

In this episode, the female character, Happy, and her partner Toby have sought relationship guidance. They were given a tally counter to track how many times Happy does something that annoys Toby. When they return to the counselor in this scene, Happy comments on the (large) number of clicks: “Not 32. It hit 99 and then turned over. It’s 131 clicks.” But she’s wrong. When it turned over on the 100th click, the counter would have shown “00” and then “01” on the 101st click, etc. until it showed “32” after the 132nd click.

In the context of the show’s plot and really for almost all conversational purposes, this isn’t an important distinction, but these characters are supposed to be geniuses. But there’s a reason off-by-one errors are discussed in intro computer science courses and joked about on Twitter.

For one, they’re easy to make, often hard to diagnose, and in some applications an off-by-one error can introduce security vulnerabilities.

Although I haven’t read it thoroughly myself, this writeup seems to be a good start for gaining a more technical understanding of a buffer overflow attack that exploits an off-by-one error. There are a ton of other resources, but most seem to build up from exploits that take advantage of programs that completely fail to check input, rather than accidentally allowing an input that is just 1 character too long.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s