Importance of Proper Bug Description in Defect Reporting Successful testers avoid overemphasis on functional correctness, and focus on the ways in which people might obtain value from a program — or have that value threatened. Being a tester, reporting bugs clearly in order to alert a developer is just as important as verifying functional correctness. Testers should possess good documentation skills in addition to their testing capabilities. There are several instances that I know of where a major bug was improperly documented and reported to the developer. My post offers a clear example that demonstrates the importance of documenting bugs properly, which is taken from one of our own testing instances. We needed to perform functional testing on a new feature that had been introduced for a media site. After completing functional testing, we were supposed to perform a regression testing on the media site since release was scheduled on the same day. I performed a detailed functional testing on the new enhancements of the web application and later began regular regression testing, starting with self-user registration and moving to core verification such as subscribing. I was quite happy with user registration of the screen, since registration form was simple and did not consume much testing time. The registration page asked for: user identification, zip code, password and a prompt to retype the password for confirmation. I entered my first test with a new User ID and password. Everything went well during registration and I received a confirmation message saying ―Registration Successful‖. I reran the test with the same User ID but this time with a different password and checked for system response. I was looking for an error message saying ―User Id already exists. Please try another ID for registration‖. To my surprise, no error message was generated. Instead, it returned a success confirmation message. The system had overwritten user input with the latest new password submitted. This security issue was marked as ―medium‖ priority and identified the bug as ―Duplicate e-mail IDs are accepted in user registration‖. Anyone scanning this bug description would not take this bug seriously. As a result, an external team changed the bug priority from medium to low, and deferred this for release. We realized that the bug was a high security issue and needed to be escalated to the developers as a number one priority. We changed the bug description to, ―System overwrites the password of registered users during self –registration‖. This bug was very important to fix because, if I was aware of any user’s email ID, then I would have control over his or her access with just a simple self-registration click and entering the UserID along with my new password. After reassigning the bug for fixing with this new description, the issue was resolved immediately by the developers.
Visit IVESIA’S WEBSITE Follow us at LINKEDIN and TWITTER