top of page
Any of my free tools can be freely shared, but only in case where there is no profit, even from ads.
Anyway you can share the link to my website if you like it.
If you like my tools, please support me at: https://ko-fi.com/Wilenty ,
thanks to you I will be able to improve my tools and create new ones.
Search
Writer's pictureWilenty
Jul 192 min read

Quality of the InnoSetup source code

Do you see any problem in below quote of IS code?


Compile.pas -> "if (ADestDir = '{tmp}') or (Copy(ADestDir, 1, 4) = '{tmp}\') then"


Most used versions of IS with above bug, to the latest one.


v5.5.0:

or


v5.5.5:

or


v5.6.1:

or


v6.0.5:

or


v6.1.2:

or


v6.2.2:

or


v6.3.3:

or


v6.4.0-dev:

or


The length of the string 'tmp' is 3.

The length of the string '{tmp}' is 5.

So, the number of the string '{tmp}\' length should be?

Compile.pas -> "if (ADestDir = '{tmp}') or (Copy(ADestDir, 1, ?) = '{tmp}\') then"


This is not the first time that issrc's changes on github look like a "painting the wall with a can of paint":


Of course people make mistakes, but it's open source code available to all, but none of "many eyes" has seen this bug for all of these years, not even the IS developers?


Maybe the 25-year-old IS developer should be changed to someone who will review the IS source code from beginning to the end and remove all of these obvious mistakes?


If such simple bug persist for all the time, I even don't want to wonder what else can be found in the IS source code.


"Examples\CodeClasses.iss":


Let's also talk about the InnoSetup forum.


Latest questions to the IS devs without answers:

(and more...)


Since they do not answer the questions directed to them, I also will not help them with bugs in the code and (will) write about the bugs found here.


And IS forum itself:


Gavin Lambert "shooting with a gun again" (quote):

(...)The correct response to "how do I shoot people in the foot?" is not "here's a gun", even if the gun in question has better safety features than the one they were already using.


Is it a forum to discus about creating software, or for help developers creating their installers?

Secondly, why does the InnoSetup forum moderator allow such posts?


And (quote):

(...)The shortcut flag exists only for end-users, who lack the ability to do any of the above things, and is a workaround for broken software. Don't release broken software.


InnoSetup is full of bugs, so why InnoSetup Forum users promote InnoSetup but they are discredit other solutions?




"Proper Support for ASLR":


There's a document about "ASLR security" for years:


InnoSetup installer base files "grow" from version to version because of the newer Delphi compiler, and now they are much bigger because of the "ASLR support".

Is it really worth to add the "ASLR support" if the installer can be easily unpacked? I don't think so...


---


In summary.


Now you can wonder why big corporation force developers to avoid InnoSetup:


It is not that InnoSetup is very bad. It's very well that it exists and it works (some how). It takes a lot of work and time to create such software from scratch!

But, the terrifying things are: the changes to the IS source code without checking (and/or deep tests), ignoring difficult questions about code on the forum and tolerating reprehensible (inappropriate) messages.

6 views0 comments

Recent Posts

See All

InnoSetup Updater v1.0

Small program to update/upgrade InnoSetup installation or Portable to the latest stable version or beta (dev) if available. It uses the...

0 comments

Comments

bottom of page