[e-lang] An attack on a mint

Bill Frantz frantz at pwpconsult.com
Mon Mar 10 01:21:26 EDT 2008

mrs at mythic-beasts.com (Mark Seaborn) on Sunday, March 9, 2008 wrote:

>Bill Frantz <frantz at pwpconsult.com> wrote:
>> I would instead write:
>>     int take(final PurseX src) {
>>            if (dead) { throw new NullPointerException(); }
>>            if (src.dead) { throw new NullPointerException(); }
>>            // The following code must work correctly when src==this. This bad code
>>            // destroys money when src==this:
>>            //     balance += r;
>>            //     src.balance = 0;
>>            final int r = src.balance;
>>            src.balance = 0;
>>            // add the credits to the destination
>>            balance += r;
>>            return r;
>>        }
>Wouldn't it be better to write a unit test to check that the behaviour
>is correct for the src==this case?  Anyone reintroducing the bug would
>discover their mistake when they re-run the test suite.  That way the
>comment is nice to have for explaining the code, but you're not
>relying on it to prevent this regression during maintenance.  It's not
>always easy to preserve comments across refactoring anyway.

I would agree that having a unit test to check this condition would
be valuable. However, in my experience, unit tests get lost much
faster than comments.

I must ask, what is refactoring? If I have done it, it wasn't under
that name.

Cheers - Bill

Bill Frantz        |"We used to quip that "password" is the most common
408-356-8506       | password. Now it's 'password1.' Who said users haven't
www.periwinkle.com | learned anything about security?" -- Bruce Schneier

More information about the e-lang mailing list