I also argue that failing to syntax highlight this correctly is a security issue... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		mistercow 11 months ago \| parent \| context \| favorite \| on: Weird Lexical Syntax I also argue that failing to syntax highlight this correctly is a security issue. You can terminate block comments with Unicode escapes, so if you wanted to hide some malicious code in a Java source file, you just need an excuse for there to be a block of Unicode escapes in a comment. A dev who doesn’t know about this quirk is likely to just skip over it, assuming it’s commented out.

styglian 11 months ago [–]

I once wrote a puzzle using this, which (fortunately) doesn't work any more, but would do interesting things on older JDK versions: https://pastebin.com/raw/Bh81PwXY

Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact