[e-lang] An attack on a mint

Bill Frantz frantz at pwpconsult.com
Tue Mar 4 19:24:21 EST 2008


tyler.close at gmail.com (Tyler Close) on Tuesday, March 4, 2008 wrote:

>Suppose a rewrite like:
>
>    int take(final PurseX src) {
>           if (dead) { throw new NullPointerException(); }
>           if (src.dead) { throw new NullPointerException(); }
>
>           // subtract the credits from the source
>           final int r = src.balance;
>           src.balance = 0;
>
>           // add the credits to the destination
>           balance += r;
>
>           return r;
>       }
>
>Is such a layout sufficient to discourage reversion to the previous state?

I would instead write:

    int take(final PurseX src) {
           if (dead) { throw new NullPointerException(); }
           if (src.dead) { throw new NullPointerException(); }

           // The following code must work correctly when src==this. This bad code
           // destroys money when src==this:
           //     balance += r;
           //     src.balance = 0;

           final int r = src.balance;
           src.balance = 0;

           // add the credits to the destination
           balance += r;

           return r;
       }

Cheers - Bill

-------------------------------------------------------------------------
Bill Frantz        | The first thing you need when  | Periwinkle
(408)356-8506      | using a perimeter defense is a | 16345 Englewood Ave
www.pwpconsult.com | perimeter.                     | Los Gatos, CA 95032



More information about the e-lang mailing list