1

I'm learning C# with Yellow Book. In the chapter 3.1.9, when describing differences between passing parameter values as ref vs out, it says the following:

When you pass a parameter as a reference you are giving the method complete control of it. Sometimes you don't want this. Instead you want to just allow the method to change the variable.

If I am the one coding the method, i.e. its behavior, how am I giving it complete control of it?

4r73m190r0s
  • 51
  • 5
  • I think you're reading too much into this. – ProgrammingLlama May 16 '22 at 10:14
  • 2
    This has nothing to do with any kind of security; there are no (effective) security boundaries inside a single process. What the book is simply saying (ineptly) is that a `ref` allows access to the value going in, instead of forcing the callee to create a new one; it's a potential maintainability issue. – Jeroen Mostert May 16 '22 at 10:15
  • Check this post, it may help you to understand main concept https://stackoverflow.com/a/3781193/6691714 – Reza Heidari May 16 '22 at 11:41

1 Answers1

0

It doesn't mean it is less secure, it just means the method "has control over your variable" that you are passing as parameter for "processing". It can potentially return a completely new object and not the one you "provided". More can be found here:

When used in a method's parameter list, the ref keyword indicates that an argument is passed by reference, not by value. The ref keyword makes the formal parameter an alias for the argument, which must be a variable. In other words, any operation on the parameter is made on the argument. For example, suppose the caller passes a local variable. The called method can then replace the object to which the ref parameter refers. In that case, the caller's local variable or the array element refers to the new object when the method returns.

vhr
  • 1,528
  • 1
  • 13
  • 21