Defensive programming is a form of defensive design intended to ensure the continuing function of a piece of software in spite of unforeseeable usage of said software. Defensive programming techniques are used especially when a piece of software could be misused mischievously or inadvertently to catastrophic effect.
Questions tagged [defensive-programming]
148 questions
14 votes, 15 answers
How "defensive" should my code be?
I was having a discussion with one of my colleagues about how defensive your code should be. I am all pro defensive programming but you have to know where to stop. We are working on a project that will be maintained by others, but this doesn't mean…
Ionut Anghelcovici
14 votes, 3 answers
Getting meaningful error messages from fstream's in C++
What is the best way to get meaningful file access error messages, in a portable way, from std::fstreams? The primitiveness of badbits and failbits is getting to be a bit annoying. I have written my own exception hierarchies against win32 and POSIX…

Hassan Syed
12 votes, 2 answers
How to use the Either type in C#?
Zoran Horvat proposed the usage of the Either type to avoid null checks and to not forget to handle problems during the execution of an operation. Either is common in functional programming.
To illustrate its usage, Zoran shows an example similar to…

SuperJMN
12 votes, 9 answers
Test Cases AND assertion statements
The code in this question made me think
    assert(value>0); //Precondition
    if (value>0)
    {
        //Doit
    }
I never write the if-statement. Asserting is enough/all you can do.
"Crash early, crash often"
CodeComplete states:
The assert-statement makes the…

jan
11 votes, 2 answers
Defensive programming and exception handling
A couple of days ago, I had the following theoretical questions on the exam:
(a) Explain what is meant by defensive programming when dealing with exceptional circumstances that may occur during the execution of a program. You may refer to examples…

kuper006
11 votes, 14 answers
Defensive programming
When writing code, do you consciously program defensively to ensure high program quality and to avoid the possibility of your code being exploited maliciously, e.g. through buffer overflow exploits or code injection?
What's the "minimum" level of…

David
11 votes, 7 answers
How can I declare derived "shell" classes that do nothing but act as renames?
I have two different kinds of strings I'm passing around and using in my code, and the two are closely related, but should not be confused for one another. I thought I could help myself avoid errors by having two classes that are just strings, but…

Atario
11 votes, 3 answers
Logging with Vala
I am new to Vala programming and have experience with Java and .NET, yet I haven't been able to find anything useful on how to log with Vala. Is there any useful logging facility like log4j or log4net, or what's the suggested way to log in Vala with…

Martin Macak
10 votes, 1 answer
Avoiding accidental capture in structural pattern matching
This example is being discussed as a likely "gotcha" when using pattern matching:
    NOT_FOUND = 400
    retcode = 200
    match retcode:
        case NOT_FOUND:
            print('not found')
    print(f'Current value of {NOT_FOUND=}')
This is an example of accidental…

Raymond Hettinger
10 votes, 2 answers
JavaScript anti-silent techniques to indicate failure
What would be a good way to report errors in JavaScript instead of relying on nulls, and undefineds when errors do occur and a function is unable to proceed forward. I can think of three approaches:
- do nothing
- throw an exception
- assert
Here's a…

Anurag
9 votes, 5 answers
Test Cases VS ASSERTION statement
In most of my C++ projects I heavily used ASSERTION statements as follows:
    int doWonderfulThings(const int* fantasticData)
    {
        ASSERT(fantasticData);
        if(!fantasticData)
            return -1;
        // ,,,
        return WOW_VALUE;
    }
But TDD community…

popopome
8 votes, 8 answers
Is clone() really ever used? What about defensive copying in getters/setters?
Do people practically ever use defensive getters/setters? To me, 99% of the time you intend for the object you set in another object to be a copy of the same object reference, and you intend for changes you make to it to also be made in the object…

GreenieMeanie
8 votes, 2 answers
Editor templates for defensive programming
Recently I worked on FindBugs warnings about exposing internal state, i.e. when a reference to an array was returned instead of returning a copy of the array. I created some templates to make converting that code easier.
Which one did you create to…

Daniel Hiller
8 votes, 2 answers
Why defensive copying with clone represents a security issue?
These days I am reading the second edition of Effective Java by Joshua Bloch. In item 39 he mentions that it is a good idea to make defensive copies of mutable objects passed as arguments, say in constructors of a given class Foo, if these…

Efraim J Lopez
8 votes, 10 answers
Defensive Programming: Guidelines in Java
I’m from a .NET background and now dabbling in Java.
Currently, I’m having big problems designing an API defensively against faulty input. Let’s say I’ve got the following code (close enough):
public void setTokens(Node node, int newTokens) {
…

Konrad Rudolph