std.locale

[Derek Parnell]

On Wed, 04 Mar 2009 08:12:48 -0800, Sean Kelly wrote:

> So I guess the real question is whether a function is expected to 
> validate its parameters.  I'd argue that it isn't, but then I'm from a 
> C/C++ background.  For me, validation is a debugging tool, or at least 
> an optional feature for applications that want the added insurance.

The rule-of-thumb that I use is that a function needs to validate a
parameter if that parameter /can/ come from user input and /may not/ have
been previously validated and is /critical/ to the success of the
function's behaviour.

If all of these are true, it means that the function has a potential to
fail if it doesn't take the responsibility of parameter validation.

If a parameter can only come from other functions, which are already
guaranteed to only emit validate data, the parameter data does not need
re-validation. However, even for some of these functions a 'contract'
validation of input parameters might be needed if you are attempting to
validate the logic or data flow, rather than the contents of the data
itself.

Contract validation of function results is not the same thing as input
validation. Output validation is an attempt to prove that the function's
logic is correct.

Input validation is not a debugging tool. It is a chance to inform the
program's user that they might have given the program some wrong
information to work with.

-- 
Derek Parnell
Melbourne, Australia
skype: derek.j.parnell