Leaderboard

Final version of my eBook Delphi Event-based and Asynchronous Programming has been released - 291 pages. You can find more information and purchase option at: https://dalija.prasnikar.info/delphiebap/index.html Thanks to all of you who purchased the incomplete pre-release version (179 pages) of my eBook! After a minor delay, the full version is here! You can download it through the same PDF/epub/mobi links that you have received earlier from FastSpring via email. The subject line of that email message was: "Your Delphi Event-based and Asynchronous Programming - Part I Delivery Information". If you have any problems, feel free to contact me via the contact form on my site. Thanks again! Happy Holidays to you all!

Hi, Just want to point out this is a new customer that already has a running application written in Delphi. I might be hired to fix/upgrade/replace it. He bought the software to keep it in-house, and after a few months he got hacked. He was using the latest version, and I was asked to recompiled the project and get rid of all those problems. The company sold the application with sources to the application but no 3rd library sources are included. I can't rebuild the project. He must buy a few libraries first. As far as I can tel, it seems he got a nasty virus that modified the program resources. I explained it wasn't Delphi's fault, and that could happen to any software. In fact I found other applications that were crippled too. He seemed to understand... I run several antivirus, nothing was detected. So the virus just crippled the software and destroyed itself. As for the application. It is written in Delphi XE. Some passwords are hard coded and disclosed to some managers. But that was not the issue. The screen where that password should be entered is bypassed, and even if the screen was displayed, the editor where the password is typed in will display the password! Holy cow! Hopefully I managed to convince them to update to Delphi 10. Time will tell

That's why nobody loads passwords into edit boxes even if it's just showing placeholders, but how the holy cow would one load any password back into anything as they are not even stored since decades, just its hashes. (Ok, this particular ftp client you showed has to store them, but it's quite different from a desktop application)

Tampering with executables is pretty routine, and can be done for pretty much any program irrespective of the language it is coded in. The real question here is why the target was running a tampered executable in the first place. That seems like the real source of the problem, not that the original executable was written in Delphi. If your new customer thinks that the problem will be solved by writing programs in "safe" languages then he/she is delusional. Once you let an attacker execute their code in your computer, the game is over.

I would disagree to that, because a compiler should understand that by ref and by value of the same value is requested, and should process the by value first, because the initialization of OUT should be considered "inside" the function, not from the caller. http://docwiki.embarcadero.com/RADStudio/Sydney/en/Parameters_(Delphi)#Out_Parameters So the compiler could process all parameters before he touches any OUT parameter. An OUT variable should be IMHO considered undefined, until "inside" the function some value is assigned to. At least this is what I would expect here, and it should be easy for a compiler to detect such situation.

Looks like it is a check for passing the same param twice, not necessarily a check for the out param thing.

I posted about it before in this forum and was told that it's intended behavior. Admittedly, it's a corner case, but it did happen and cost me a lot of time to figure it out. A compiler warning would have been nice.

"Out" parameters are an even bigger can of worms. I had refactored some code recently to use "OUT" parameters instead of VAR parameters (in order to more clearly document the intended use) and it had side effects that were hard to figure out. I thought my debugger had gone bananas. Try single-stepping through this code and watch the values. In hindsight, the cause is clear, but I find the compiler should throw a warning if it encounters such a situation. I now avoid OUT parameters. procedure tform2.test(OUT somestring:String; Defaultvalue:String); begin Somestring:=Defaultvalue; end; procedure TForm2.Button1Click(Sender: TObject); var t:string; begin t:='Testing 1-2-3'; Test(t,t); Showmessage(t); end;

What is GExperts? GExperts is a plugin for the Delphi IDE that adds many enhancements and also fixes some bugs. Which Delphi versions are supported? By the time of this writing GExperts supports Delphi 6 to 10.4 (with the exception of Delphi 8). GExperts releases always support/require the latest update for each Delphi version available at the time of the release. Where can download it? There is a link to downloads for the current and older releases on https://gexperts.dummzeuch.de I found a bug, what do I do? Please file a bug report. If you happen to have already fixed this bug, please also attach a patch or an archive with the changed source files. I have a brilliant idea for an improvement. What do I do? Please file a feature request. I have added some improvement to GExperts. Where can I submit it? Please also file a feature request and attach a patch or an archive with changed source files. Why shouldn't I report bugs an request features through this forum? I prefer to work on the actual program rather than being my own secretary. Taking posts from the forum and create the bug reports / feature requests is boring and time consuming work. I don’t want to do that work. Where is the source code? See compiling your own DLL. Why is GExperts still on SourceForge rather than on Github like all the other important projects? I happen to like SubVersion better than Git. Github does not support SubVersion (apart from a bridge with limited features). What if I have a question not covered in this list? There is a more comprehensive list of frequently asked questions on my homepage Additional questions can of course be asked in the forum.

The combo box drop down can only be opened in active window.