I have been working on a database project, and I recently received a bug report for the remote execution of some queries.
Usually, you try to find out the actual cause for the bug to occur and then fix it.
But sometimes what I do when I'm fed up of doing some research (and can't find suitable information on the internet) is just change the logic, which takes me much less time compared to the other option.
Is this approach correct, or should I try to fix the original bug involving more R&D?
Best Answer
In my head this raises alarmbells.
Granted, I am not a database programmer. My work is not nearly as security critical for example. But when you say
I get the feeling that you know yourself that the approach you're taking is most likely not the one you should be taking.
To me it seems you're treating symptoms rather than the underlying problem. And I can't say I have never done so. But experience tells me that, although it might never happen, this will usually come back to bite you in places you don't want to be bitten.
I would say that your last sentence is correct. Take the time to find and fix the original bug. You can't be sure you've fixed the issue if you haven't figured out what the issue was in the first place.
Any workaround might cosmetically solve your problem, but could as well introduce side-effects you hadn't thought of, besides possibly still leaving your system exposed to the original problem.