This isn't the kind of issue a code review would catch. Code review will find when the code isn't written to standards or doesn't look maintainable. It isn't going to catch a subtle misuse of a technique that should be valid.
That depends on what kind of code review you're doing. Code reviews intended to find bugs are very good at finding bugs that would be hard to find by testing.
> the review should also be reviewing the tests, and you should really have a test if you have a standard.
Codes reviews and unit tests aren't a substitute for QA or acceptance testing. It's great when code reviews do catch stuff like this, but that's not going to catch everything. To me this bug points to deficiencies in another part of the process.
I know nothing about this encoding but I would think each implementable feature of the standard should have some tests that you can implement. Maybe some sample data and then process it’s encoded counter part. I bet I am trivializing it but I would hope they are thinking twice about shoring up their process.
