I noticed, that jslint warns me about increment:
var x = 1;
x++;
Unexpected expression '++' in statement position.
From doc:
They are second only to faulty architecture in enabling to viruses and other security menaces
How can viruses exploit this?
Can someone explain why it's bad and what can it cause?
I'm not sure why you cannot read documentation, anyway:
++ and --
The ++ increment and -- decrement operators have been known to contribute to bad code by encouraging excessive trickiness. They are second only to faulty architecture in enabling to viruses and other security menaces. Also, preincrement/postincrement confusion can produce off-by-one errors that are extremely difficult to diagnose. Fortunately, they are also complete unnecessary. There are better ways to add 1 to a variable.
It is best to avoid these operators entirely and rely on += and -= instead.
UPDATE: As soon as original question is changed, here is answer to new one:
The main idea of quoted phrase is that you can make mistake and provide security hole (which could be exploited by viruses), imagine pseudo-nodejs-code which takes values from user and writes to database:
arguments = array('sql'=>'query');
i=0;
if (arguments[i]=='sql' and arguments[i++] does not contain drop table)
exec db query arguments[i];
if (arguments[i]=='file' and arguments[i++] is not executable js/php)
save content of arguments[i] as file on disk, so it can be executed
here is, small mistake in postincrement leads to security holes
