Questions tagged [defensive-programming]

Defensive programming is a form of defensive design intended to ensure the continuing function of a piece of software in spite of unforeseeable usage of said software. Defensive programming techniques are used especially when a piece of software could be misused mischievously or inadvertently to catastrophic effect.

148 questions
340 votes, 24 answers

What's the purpose of using braces (i.e. {}) for a single-line if or loop?

I'm reading some lecture notes of my C++ lecturer and he wrote the following: Use Indentation // OK Never rely on operator precedence - Always use parentheses // OK Always use a { } block - even for a single line // not OK, why ??? Const object…
JAN
255 votes, 20 answers

When should I use Debug.Assert()?

I've been a professional software engineer for about a year now, having graduated with a CS degree. I've known about assertions for a while in C++ and C, but had no idea they existed in C# and .NET at all until recently. Our production code contains…
102 votes, 14 answers

Techniques for obscuring sensitive strings in C++

I need to store sensitive information (a symmetric encryption key that I want to keep private) in my C++ application. The simple approach is to do this: std::string myKey = "mysupersupersecretpasswordthatyouwillneverguess"; However, running the…
Thomi
71 votes, 7 answers

Erlang's let-it-crash philosophy - applicable elsewhere?

Erlang's (or Joe Armstrong's?) advice NOT to use defensive programming and to let processes crash (rather than pollute your code with needless guards trying to keep track of the wreckage) makes so much sense to me now that I wonder why I wasted so…
Andrew Matthews
48 votes, 4 answers

Is it possible that Java String.split can return a null String[]

Is it possible for split to return a null String[]? I am curious as I want to try to be as defensive as possible in my code without having unnecessary checks. The code is as follows: String[] parts = myString.split("\\w"); do I need to…
Woot4Moo
45 votes, 1 answer

C++ always use explicit constructor

After reading the following blog: http://xania.org/200711/ambiguous-overloading I started asking myself "should I not always explicitly define my constructors?" So I started reading more, then found out this article…
oopsi
44 votes, 12 answers

0xDEADBEEF equivalent for 64-bit development?

For C++ development for 32-bit systems (be it Linux, Mac OS or Windows, PowerPC or x86) I have initialised pointers that would otherwise be undefined (e.g. they can not immediately get a proper value) like so: int *pInt = reinterpret_cast
Peter Mortensen
38 votes, 12 answers

Does wrapping everything in try/catch blocks constitute defensive programming?

I have been programming for the last 3 years. When I program, I use to handle all known exceptions and alert the user gracefully. I have seen some code recently which has almost all methods wrapped inside try/catch blocks. The author says it is part…
Navaneeth
38 votes, 14 answers

How defensively should I program?

I was working with a small routine that is used to create a database connection: Before public DbConnection GetConnection(String connectionName) { ConnectionStringSettings cs= ConfigurationManager.ConnectionStrings[connectionName]; …
Ian Boyd
35 votes, 9 answers

How to hide strings in an exe or a dll?

I discovered that it is possible to extract the hard-coded strings from a binary. For example the properties view of Process Explorer displays all the strings with more than 3 characters. Here is the code of a simple executable that I wrote to simply…
30 votes, 5 answers

Is this code defensive programming, or bad practice?

I have this debate with my colleague about this piece of code: var y = null; if (x.parent != null) y = x.parent.somefield; My point of view is that in the place where the code is, x.parent should not POSSIBLY be null. And when it is null, we…
Allen Zhang
22 votes, 5 answers

Copy constructors and defensive copying

What is a copy constructor? Can someone share a small example that can be helpful to understand along with defensive copying principle?
user2094103
21 votes, 2 answers

How to combine defensive programming techniques together?

The question I want to ask you is quite wide but at the same time it's very concrete. First, I have to say that I am mostly interested in answers which are applicable in the .net environment. Well, I want to increase the level of the code I produce.…
Igor Soloydenko
17 votes, 9 answers

Checklist for Web Site Programming Vulnerabilities

Watching SO come online has been quite an education for me. I'd like to make a checklist of various vulnerabilities and exploits used against web sites, and what programming techniques can be used to defend against them. What categories of …
Mark Harrison
15 votes, 3 answers

What's the most defensive way to loop through lines in a file with Perl?

I usually loop through lines in a file using the following code: open my $fh, '<', $file or die "Could not open file $file for reading: $!\n"; while ( my $line = <$fh> ) { ... } However, in answering another question, Evan Carroll edited my…
CanSpice