Checking function parameters in Phobos

Jacob Carlborg doob at me.com
Wed Nov 20 02:49:32 PST 2013


On 2013-11-20 09:50, Walter Bright wrote:

> Important is deciding upon the notions of "validated data" and
> "untrusted data".
>
> 1. Validated data should get asserts if it is found to be invalid.
>
> 2. Untrusted data should get exceptions thrown if it is found to be
> invalid (or return errors).
>
> For example, consider a utf string. If it has passed a validation check,
> then it becomes trusted data. Further processing on it should assert if
> it turns out to be invalid (because then you've got a programming bug).
>
> File open failures should always throw, and never assert, because the
> file is not part of the program and so is inherently not trusted.
>
> One way to distinguish validated from untrusted data is by using
> different types (or a naming convention, see Joel Spolsky's
> http://www.joelonsoftware.com/articles/Wrong.html).
>
> It is of major importance in a program to think about what APIs get
> validated arguments and what APIs get untrusted arguments.

How should we accomplish this? We can't replace:

void main (string[] args)

with

void main (UnsafeString[] args)

and break every application out there.

-- 
/Jacob Carlborg
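
An added example, not part of the original messages and not Phobos code: one way to apply the validated/untrusted split from the quoted text while leaving `main(string[] args)` unchanged, by validating at the boundary (exceptions) and passing a distinct type inward (asserts). `ValidatedString`, `fromUntrusted`, `stillValid` and `countCodePoints` are hypothetical names, and the sample inputs are constructed.

```d
import std.range : walkLength;
import std.stdio : stderr, writeln;
import std.utf : UTFException, validate;

/// Hypothetical wrapper: a value of this type has passed UTF-8 validation.
struct ValidatedString {
    private string data;     // note: `private` is module-wide in D
    @disable this();         // no unchecked default-constructed value
    private this(string s) { data = s; }

    /// Boundary for untrusted data: invalid input throws, never asserts.
    static ValidatedString fromUntrusted(string untrusted) {
        validate(untrusted); // std.utf.validate throws UTFException
        return ValidatedString(untrusted);
    }
    string get() const { return data; }
}

/// Non-throwing re-check, used only inside asserts.
bool stillValid(string s) nothrow {
    try { validate(s); return true; } catch (Exception) { return false; }
}

/// Internal API: takes validated data, so invalid UTF-8 here is a program bug.
size_t countCodePoints(ValidatedString s) {
    assert(stillValid(s.get()), "bug: ValidatedString holds invalid UTF-8");
    return s.get().walkLength;
}

int main(string[] args) {    // signature unchanged; args stay untrusted
    // Constructed sample: 0xC3 opens a 2-byte sequence, 0x28 cannot continue it.
    immutable(ubyte)[] raw = [0xC3, 0x28];
    auto inputs = args[1 .. $] ~ ["héllo", cast(string) raw];
    int rejected;
    foreach (arg; inputs) {
        try {
            auto v = ValidatedString.fromUntrusted(arg);
            writeln(countCodePoints(v), " code points");
        } catch (UTFException e) {
            stderr.writeln("rejected input: ", e.msg);
            ++rejected;
        }
    }
    return rejected ? 1 : 0;
}
```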

