In terms of paranoia, there are three ways to look at computers;
Naive - Once a program compiles and is debugged successfully, there will be no problems with the program. Apart from the user of course.
Murphy's Computer - Programs will fail fail at random. Usually at the worst moment for the user.
Mephistopheles' Computer - Programs will not just fail, they will fail in a manner to cause the most pain for the user.
While it is a good idea to lock down the program's input so that a "clueless user" (translation: some one who can find an undocumented feature) cannot break a program, there are are other ways that inputs can mess up a system. For instance between threads, between processes, or between function calls. In many cases, the programmer must add reality checks to any input from any source, "trusted" or not, in order to keep problem at a minimum.
For instance, reading and writing to the Windows registry. The cases a program will access the registry can be summed into three; when the program starts, when the program stops, and when the program's parameters change.
When the program starts, either the registry entries are there or they are not, as in starting the program for the first time. Plus, just because the root entry is there for the program, does not mean that the sub-entries are there as well.
All a quitting program wants is to write what ever values it has into the registry. If the entry is not there the entry can be created for the value to be stored..
When the program changes parameters, all that it needs is to store the old value and read the new value. While if the entry for the old value does not exist and can be created, a non-existent new value means that the program must recreated this new value with the programmed defaults.
Note that with multiple choices, the program does not have to check those choices not wanted. When done properly, this can be done on-the-fly.
Just remember, "The devil is in the detail."
No comments:
Post a Comment