Protective Coding

Started by Citric, June 24, 2005, 02:32:22 PM

Citric

Hi all

A thought came into my head today (isn't that amazing, doesn't happen too often): how much protective coding is too much?

I don't mean security, I mean to stop someone doing stupid things, either by mistake or on purpose?

Is it enough to stop at raising no exceptions? Or everything you can possibly think of?

I don't really know, maybe in production it should be everything? But is that cost (time) effective?

Adam

Jimg

In production code, I've found that "protective coding" takes as much time if not more than the actual program.  But you MUST do it.  The worst part is checking for an error you suspect will never happen, and if it does, you have no idea how to handle it.  I always hated this part of programming, but for real products, it's cheaper than servicing the end user calls for assistance and complaints. :P

Tedd

The usual approach is "as little as you can get away with" :bdg
Definitely deal with anything fatal, and anything harmful. After that, if you have chance/motive then deal with other things as you feel necessary.
Unfortunately, it can become an 80-10 ratio -- 80% of the code is to handle 10% of the situations (the errors.)
No snowflake in an avalanche feels responsible.

hutch--

This is why I am a fan of "suicide" code, mess it up and it goes BANG. Where you DO need to do extra is when the task involves something external that you cannot control like an internet connection or a result from another program, essentially the type of things that require structured exception handling. Interfacing with certain types of hardware like CD and DVD writers is risky and if you mess it up, the box locks up (win2k, xp as well).

I see the real action is in testing software to death under as wide a range of conditions as possible and if it survives this type of testing, it may have a life as a decent working application. I just don't see the point of "idiot proof" programming as there will always be a better idiot behind the development wheel who can make a mess of it. Non-tolerant procedure design says either you get it right or it explodes in your face.

MichaelW

To determine if a program is idiot proof you must test it with a panel of idiots, or at least an AI (Artificial Idiot (tm)) :green

eschew obfuscation

Citric

Quote from: hutch-- on June 24, 2005, 04:07:29 PM
This is why I am a fan of "suicide" code, mess it up and it goes BANG.

I like this kinda idea, but I definitely will take it with a grain of salt.

Cheers Adam

P.S. I just wrote a small DLL, and thinking about protecting it would then make it a large DLL!

Quote from: Tedd on June 24, 2005, 03:38:57 PM
Unfortunately, it can become an 80-10 ratio -- 80% of the code is to handle 10% of the situations (the errors.)

You are so right!