[e-lang] An attack on a mint
Bill Frantz
frantz at pwpconsult.com
Tue Mar 4 19:24:21 EST 2008
tyler.close at gmail.com (Tyler Close) on Tuesday, March 4, 2008 wrote:
>Suppose a rewrite like:
>
> int take(final PurseX src) {
> if (dead) { throw new NullPointerException(); }
> if (src.dead) { throw new NullPointerException(); }
>
> // subtract the credits from the source
> final int r = src.balance;
> src.balance = 0;
>
> // add the credits to the destination
> balance += r;
>
> return r;
> }
>
>Is such a layout sufficient to discourage reversion to the previous state?
I would instead write:
int take(final PurseX src) {
if (dead) { throw new NullPointerException(); }
if (src.dead) { throw new NullPointerException(); }
// The following code must work correctly when src==this. This bad code
// destroys money when src==this:
// balance += r;
// src.balance = 0;
final int r = src.balance;
src.balance = 0;
// add the credits to the destination
balance += r;
return r;
}
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | The first thing you need when | Periwinkle
(408)356-8506 | using a perimeter defense is a | 16345 Englewood Ave
www.pwpconsult.com | perimeter. | Los Gatos, CA 95032
More information about the e-lang
mailing list