better prevent than cure
play

Better Prevent Than Cure - Defensive Programming Credits: Fresh - PowerPoint PPT Presentation

Mar 16, 2024 •337 likes •611 views

Better Prevent Than Cure - Defensive Programming Credits: Fresh Sources Inc. Instructor: Peter Baumann email: p.baumann@jacobs-university.de tel: -3178 office: room 88, Research 1 Cannot find REALITY.SYS. Universe halted. 320312

  1. “ Better Prevent Than Cure” - Defensive Programming Credits: Fresh Sources Inc. Instructor: Peter Baumann email: p.baumann@jacobs-university.de tel: -3178 office: room 88, Research 1 Cannot find REALITY.SYS. Universe halted. 320312 Software Engineering (P. Baumann)

  2. Spaghetti Code foo.h #define BAR(x,y) (x)=2*(y) #define FOO(x) BAR(index,x) foo.c #include "foo.h" int index = 42; int f() { int i; for ( i=0; i<10; i++ ) { FOO(i); Image: Wikipedia weirdStuff(index,i); – check it out! } Now some "purist" } renames i to index ... 320312 Software Engineering (P. Baumann) 2

  3. Defensive Programming  Prevention is better than cure, therefore:  Defensive Programming intends “to ensure the continuing function of a piece of software in spite of unforeseeable usage of said software” • [http://en.wikipedia.org/wiki/Defensive_programming]  Good design yields better product • Defending against errors avoids lengthy debugging sessions  Good design should be evident in code • Code is executable; comments aren‟t • Key design checkpoints should be checked by your code 320312 Software Engineering (P. Baumann) 3

  4. Defensive Programming: Example [http://en.wikipedia.org/wiki/Defensive_programming] 320312 Software Engineering (P. Baumann) 4

  5. Invariants  Conditions that do not vary • “Design mileposts” in your code  Loop invariants • True at beginning of each loop iteration ( and after termination if all went well)  Class invariants • True before and after each method call  Method invariants • Pre- and post conditions • Part of “Design -by- contract”  …plus plain old invariants 320312 Software Engineering (P. Baumann) 5

  6. Loop Invariants  Part of program correctness proofs • Mostly an academic exercise  Often conceptual • Should be used more often! • Must be commented instead of tested 320312 Software Engineering (P. Baumann) 6

  7. Loop Invariant Example Credit:  Program for computing the factorial of (integer) n: Alden Wright, U of Montana unsigned int factorial( unsigned int n ) { unsigned int i = 1, fact = 1; while (i != n) Unsafe { – in practice, better use i++; while (i < n) fact *= i; }  Precondition: n >= 1 return fact; }  Postcondition: fact == n! 320312 Software Engineering (P. Baumann) 7

  8. Loop Invariant Example (contd.)  The loop invariant can be:  Termination: • fact = i! • When loop terminates, i = n • This plus the loop invariant implies  Initialization: postcondition. • Before first iteration: i=1, fact=1 => fact=i!  Precondition necessary!  Maintenance: • Let i , fact denote values on previous iteration • Assume fact =i„! , prove fact=i! uint factorial( uint n ) • Proof: { uint i = 1, uint fact = 1; i = i +1 and fact = fact *i // after loop body while (i != n) fact = i ! fact *i = i ! * i // multiplying both sides by i i++, fact *= i; fact = (i-1)! * i return fact; fact = i! }  320312 Software Engineering (P. Baumann) 8

  9. Class Invariants  All constructors should place their object in a valid state  All methods should leave their object in a valid state • pre-condition and post-condition together should guarantee this • Better than just blind coding and testing!  Example: Rational class: • denominator > 0 • gcd(num,den) = = 1 320312 Software Engineering (P. Baumann) 9

  10. Method Invariants  “ Design by Contract ” • Introduced by a Frenchman working in Switzerland living in California  Methods are contracts with the user  Users must meet pre-conditions of the method • Index in a certain range, for example  Method guarantees post-conditions 320312 Software Engineering (P. Baumann) 10

  11. Design by Contract: Example  Users must meet method's pre- int myFunc( char *s, int n ) conditions: { int result = RC_OK; • “s is a string with length between 0 and if (s = = NULL) SMAX-1 ” result = RC_INPUT_ERROR; • “n is an integer between 0 and NMAX” else if (strlen(s) >= SMAX) result = RC_INPUT_ERROR;  drawback: else if (n < 0 || n > NMAX) result = RC_INPUT_ERROR; frequent “ still all ok? ” checks if (result = = RC_OK) • But simple sequence, no deep “if” { nesting do_whatever_is_to_be_done; } return result; } 320312 Software Engineering (P. Baumann) 11

  12. Enforcing Invariants – aka “Error Handling”  Several techniques available, best usage depends…  assertions = force-terminate program • For programmer errors that don‟t depend on end user, non -public member functions  exceptions = break flow of control (aka goto) • For pre-conditions on public member functions  return codes = data-oriented, keep flow of control • Post- conditions are usually a method‟s output 320312 Software Engineering (P. Baumann) 12

  13. Assertions  assert() macro void MyVector::push_back( int x ) { • around since old C days if (nextSlot == capacity)  if argument is false: grow(); assert( nextSlot < capacity ); • prints expression, file, and line number data[ nextSlot++ ] = x; • then calls abort() }  Handling: • Enabled by default • Can turn off with NDEBUG :  Brute force method • #define NDEBUG #include <cassert>  Never ever use it in a server !!! • ( would you like it in your editor? ) 320312 Software Engineering (P. Baumann) 13

  14. Exceptions  Interrupt regular flow of control, try { ripple up calling hierarchy s = myFunc(); • Until matching try/catch embrace } catch (Error &e) • Otherwise abort program {  Exceptions are classes! // error log, file emergency close, ... } • throw() instantiates exception object • can have parameters char *myFunc() throw (Error) { • catch sensitive per exception type char *myPtr = malloc( size );  Can have multiple catch() if (myPtr == NULL) throw new Error(ERR_BAD_ALLOC); • catch(...) sensitive to return myPtr; any exception type } 320312 Software Engineering (P. Baumann) 14

  15. Return Codes  Methods have a return parameter • For otherwise void result, int myFunc( string s, int n ) it carries only success information { int result = RC_OK; • If method has regular result: reserve otherwise unused value if (s = = NULL) • NULL for strings, -1 for int, … result = RC_INPUT_ERROR; else if (strlen(s) >= SMAX)  It‟s an interface property result = RC_INPUT_ERROR; else if (n < 0 || n > NMAX) -- document clearly! result = RC_INPUT_ERROR; • …and check in caller code! if (result = = RC_OK) {  Strongly recommended: do_whatever_is_to_be_done; } single-return functions return result; use a local result variable! • } 320312 Software Engineering (P. Baumann) 15

  16. Excursion: Another Real-Life Example for ( count = 0, *templateList = myClass_New ( templateCount, char *); *templateList && count < templateCount && ( ( *templateList)[count] = aux_Duplicate (templates[count] ) ); count++ );  documenting this takes longer than writing a clear version of the code.  no error handling at all!  How to do better? 320312 Software Engineering (P. Baumann) 16

  17. Structured Programming  Structured programming = component-level design technique [Djikstra et al, early 1960s] which uses only small set of programming constructs  Principle: building blocks to enter at top & leave at bottom • Good: sequence(“;“); condition; repetition • Bad: (computed) goto; break; continue; ...  Advantage: less complex code  easier to read + test + maintain • Measurable quality: small complexity (e.g., cyclometric) • ...but no dogma: if it leads to excessive complexity, violating can be ok 320312 Software Engineering (P. Baumann) 17

  18. Structured Programming: Loops Simple loop Nested Loops Concatenated Unstructured Loops Loops 320312 Software Engineering (P. Baumann) 18

  19. Who Needs GOTOs?  „Unstructured Loops“ mainly abolished by banning GOTO • Pointer is the data equivalent to GOTO! ...C++ vs Java  Still can do mess, array = new int[] char *p; • with code: …and with data: switch (n) { { 111, case 1: 120, p = "one"; 013, if (0) 121, case 2: }; p = "two"; if (1) case 3: p = "three"; printf("%s", p); break; } 320312 Software Engineering (P. Baumann) 19

  20. Apple ’goto fail’ Bug [ more]  xx static OSStatus SSLVerifySignedServerKeyExchange ( SSLContext ∗ ctx, bool isRsa, SSLBuffer signedParams, uint8 t ∗ signature, UInt16 signatureLen ) { OSStatus err; . . . if (( err = SSLHashSHA1. update(&hashCtx , &serverRandom )) != 0) goto fail; if (( err = SSLHashSHA1. update(&hashCtx , &signedParams )) != 0) goto fail; goto fail; if (( err = SSLHashSHA1. final(&hashCtx , &hashOut )) != 0) goto fail; . . . fail: • 2012 – 2014: Apple iOS SSL/TLS library SSLFreeBuffer(&signedHashes ); falsely accepted faulty certificates SSLFreeBuffer(&hashCtx ); return err; • Impersonation, man-in-the-middle attacks } 320312 Software Engineering (P. Baumann) 20

  21. Excursion: Expressing Control Flow  Real-life example!  Nesting-bad.cc: original code • how easy to follow & change?  Nesting-good.cc: modified code • less lines, less columns, less nesting, less getting lost 320312 Software Engineering (P. Baumann) 21

Recommend

Science to cure and prevent metabolic syndrome Coporate Overview July 2018 Glaceum Inc. / 28

Science to cure and prevent metabolic syndrome Coporate Overview July 2018 Glaceum Inc. / 28

Science to cure and prevent metabolic syndrome Coporate Overview July 2018 Glaceum Inc. / 28 Philosophy - Holistic Approaches The ducks legs are short, but to stretch them out would worry him; the cranes legs are long, but to cut

116 views • 11 slides
I have to tell you: NOTHING here has been evaluated by the FDA And NOTHING I am going to tell you

I have to tell you: NOTHING here has been evaluated by the FDA And NOTHING I am going to tell you

I have to tell you: NOTHING here has been evaluated by the FDA And NOTHING I am going to tell you about in this webinar is INTENDED TO DIAGNOSE, TREAT, CURE, OR PREVENT DISEASE. THIS IS PURELY EDUCATIONAL. PLEASE NOTE: THERE WILL BE TECHNICAL

1.81k views • 143 slides
MD/PhD Program Vision: To improve human health by applying the scientific method to prevent and

MD/PhD Program Vision: To improve human health by applying the scientific method to prevent and

MD/PhD Program Vision: To improve human health by applying the scientific method to prevent and cure disease. Mission To train the next generation of physician scientists prepared to innovate and transform health care and biomedical

541 views • 10 slides
The Prevent Strategy Stopping people becoming terrorists or supporting terrorism. Rebecca

The Prevent Strategy Stopping people becoming terrorists or supporting terrorism. Rebecca

The Prevent Strategy Stopping people becoming terrorists or supporting terrorism. Rebecca Skellett Schools and Colleges Prevent Engagement Officer Tri-Borough Prevent Team Prevent Overview: Prevent is about all forms of terrorism. Prevent is

252 views • 11 slides
Feeling right at home Getting to Cure From Cure to Eradication Jordan J. Feld MD MPH Toronto

Feeling right at home Getting to Cure From Cure to Eradication Jordan J. Feld MD MPH Toronto

Feeling right at home Getting to Cure From Cure to Eradication Jordan J. Feld MD MPH Toronto Centre for Liver Disease Sandra Rotman Centre for Global Health University of Toronto Dramatic Improvements DAAs 2014 PR + NI 95-99% 2013 100%

997 views • 52 slides
If you cant see it, you cant hit it, and if you cant hit it, you cant cure

If you cant see it, you cant hit it, and if you cant hit it, you cant cure

12/10/18 Radiation Therapy in the Management of Breast Cancer Wilson Apollo, MS, CTR, RTT WHA Consulting December 6, 2018 1 Target Delineation If you cant see it, you cant hit it, and if you cant hit it, you cant cure

478 views • 43 slides
If you cant see it, you cant hit it, and if you cant hit it, you cant cure

If you cant see it, you cant hit it, and if you cant hit it, you cant cure

11/29/18 Radiation Therapy in the Management of Breast Cancer Wilson Apollo, MS, CTR, RTT WHA Consulting December 6, 2018 1 Target Delineation If you cant see it, you cant hit it, and if you cant hit it, you cant cure

770 views • 42 slides
PREVENT IN DEVON AND TORBAY Nicola Channon Devon and Torbay Prevent Partnership Prevent

PREVENT IN DEVON AND TORBAY Nicola Channon Devon and Torbay Prevent Partnership Prevent

PREVENT IN DEVON AND TORBAY Nicola Channon Devon and Torbay Prevent Partnership Prevent Part of Governments Contest Strategy the national Counter-Terrorism strategy Targeted at safeguarding individuals who are adopting

470 views • 12 slides
Se mina r Se rie s Ho st Guide line s Goa l for the Pr og r a m: T he g o a l o f CURE

Se mina r Se rie s Ho st Guide line s Goa l for the Pr og r a m: T he g o a l o f CURE

CURE F r ontie r s in Re se ar c h Se mina r Se rie s Ho st Guide line s Goa l for the Pr og r a m: T he g o a l o f CURE s F ro ntie rs in Re se arc h Se minar Se rie s pro g ra m is to e xpo se re se a rc he rs, c linic ia ns a

148 views • 4 slides
COULD WE SOMEDAY PREVENT SCHIZOPHRENIA LIKE WE PREVENT CLEFT PALATE? Robert Freedman, MD

COULD WE SOMEDAY PREVENT SCHIZOPHRENIA LIKE WE PREVENT CLEFT PALATE? Robert Freedman, MD

COULD WE SOMEDAY PREVENT SCHIZOPHRENIA LIKE WE PREVENT CLEFT PALATE? Robert Freedman, MD Professor, Department of Psychiatry University of Colorado Editor, American Journal of Psychiatry Maternal folic acid supplements prevent developmental

461 views • 20 slides
Prevent Stacey Evans Community Safety Manager Introduction and Aims To better understand the

Prevent Stacey Evans Community Safety Manager Introduction and Aims To better understand the

Prevent Stacey Evans Community Safety Manager Introduction and Aims To better understand the role of local government and Prevent partnerships in delivering the Prevent Duty Governance Prevent Risk and Threat Training

723 views • 12 slides
The Canadian HIV Cure Enterprise (CanCURE) Team ric A. Cohen, PhD Laboratory of Human

The Canadian HIV Cure Enterprise (CanCURE) Team ric A. Cohen, PhD Laboratory of Human

The Canadian HIV Cure Enterprise (CanCURE) Team ric A. Cohen, PhD Laboratory of Human Retrovirology Institut de Recherches Cliniques de Montral (IRCM) How close are we to a cure? HIV Endgame Conference, Toronto October 25, 2016 1

692 views • 35 slides
Institut National de la CURE-XF - 734353 Recherche Pr Presentation of Pa Partners P1 P19 -

Institut National de la CURE-XF - 734353 Recherche Pr Presentation of Pa Partners P1 P19 -

H2020-MSCA-RISE-2016 Funded by the European Union Institut National de la CURE-XF - 734353 Recherche Pr Presentation of Pa Partners P1 P19 - IN INRA Maroc CURE-XF Kick-off Meeting CIHEAM Bari 28-29 September, 2017 Institut National de

275 views • 9 slides
Successes of the 1 st phase Going for a cure in Phase II September 2019 TABLE OF

Successes of the 1 st phase Going for a cure in Phase II September 2019 TABLE OF

Finding a Cure for Multiple Myeloma Successes of the 1 st phase Going for a cure in Phase II September 2019 TABLE OF CONTENTS Letter from the President............................................................................... 3

649 views • 41 slides
Understanding new medicines to treat chronic hepatitis B: toward a cure October 26, 2016 Define

Understanding new medicines to treat chronic hepatitis B: toward a cure October 26, 2016 Define

Understanding new medicines to treat chronic hepatitis B: toward a cure October 26, 2016 Define an HBV cure Functionally (practical): Sustained, off drug response (loss of viremia and antigenemia Clinically: Return an individual to the

625 views • 33 slides
Vaccinosis and Its Cure by Thuja by J. Compton Burnett written in the 1800s first printed in

Vaccinosis and Its Cure by Thuja by J. Compton Burnett written in the 1800s first printed in

Vaccinosis and Its Cure by Thuja by J. Compton Burnett written in the 1800s first printed in 1897. Lets take a look at what he knew in the 1880s and what we know now today in 2011. Page 9 Vaccinosis baring the way to a cure of an

380 views • 20 slides
Towards the Goal of a Cure for Multiple Myeloma The Partnership of the DGMRF and DFCI Successes

Towards the Goal of a Cure for Multiple Myeloma The Partnership of the DGMRF and DFCI Successes

Towards the Goal of a Cure for Multiple Myeloma The Partnership of the DGMRF and DFCI Successes of the First Phase and Driving Towards a Cure in the Second Phase Paul Richardson, MD Corman Professor of Medicine Constantine S. Mitsiades, MD,

389 views • 18 slides
Prevent Presentation Leicester/ Leicestershire Approach Daxa Pancholi, Head of Community

Prevent Presentation Leicester/ Leicestershire Approach Daxa Pancholi, Head of Community

09/11/18 Partnership Approach The Prevent Duty &amp; Local Delivery Sean Arbuthnot, Prevent Co-Ordinator Counter Terrorism Local Plan Insp. Bill Knopp Prevent Presentation Leicester/ Leicestershire Approach Daxa Pancholi,

200 views • 3 slides
RESEARCH EDUCATION INNOVATION COLLABORATION The push for a cure for CHB infection is

RESEARCH EDUCATION INNOVATION COLLABORATION The push for a cure for CHB infection is

PROMOTING GLOBAL COLLABORATION IN HBV CURE RESEARCH Worldwide, more than 257 million people are chronically infected with hepatitis B virus (HBV) and, even though a prophylactic vaccine and effective antiviral therapies have been developed, there

288 views • 4 slides
RESIDUAL STRAIN MEASUREMENT IN Presentation by: Jason Cantrell COMPOSITES USING CURE-

RESIDUAL STRAIN MEASUREMENT IN Presentation by: Jason Cantrell COMPOSITES USING CURE-

RESIDUAL STRAIN MEASUREMENT IN Presentation by: Jason Cantrell COMPOSITES USING CURE- COMPOSITES USING CURE EAS 6939 1/31/11 REFERENCING METHOD by: P.G Ifju, X. Niu, B.C Kilday, S.-C. Liu &amp; S.M. Ettinger Background g Residual

419 views • 12 slides
Universit catholique de Louvain H2020-MSCA-RISE-2016 Funded by the European Union CURE-XF -

Universit catholique de Louvain H2020-MSCA-RISE-2016 Funded by the European Union CURE-XF -

Universit catholique de Louvain H2020-MSCA-RISE-2016 Funded by the European Union CURE-XF - 734353 Earth&amp;Life Institute Plant Pathology Lab Pr Presentatio ion o of Pa Partners P UCL UCL CURE-XF Kick-off Meeting CIHEAM Bari

368 views • 8 slides
The Cure-Death Model An approach to increase efficiency of clinical endpoint evaluations DAGStat

The Cure-Death Model An approach to increase efficiency of clinical endpoint evaluations DAGStat

Introduction The Cure-Death Model RL test Application Simulation Summary Current Work The Cure-Death Model An approach to increase efficiency of clinical endpoint evaluations DAGStat G ottingen 2016 Harriet Sommer, Martin Wolkewitz,

241 views • 23 slides
A Multistate Model for Cure and Death ois Timsit 2 and Martin Schumacher 1 Harriet Sommer 1 ,

A Multistate Model for Cure and Death ois Timsit 2 and Martin Schumacher 1 Harriet Sommer 1 ,

Introduction COMBACTE Mathematical Background The Cure-Death-Model Simulation Discussion References A Multistate Model for Cure and Death ois Timsit 2 and Martin Schumacher 1 Harriet Sommer 1 , Martin Wolkewitz 1 , Jean-Franc on behalf of

429 views • 21 slides
How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic

How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic

Department of Informatics Security and Privacy Maximilian Blochberger How to prevent cryptographic pitfalls by design February 3, 2019 How to prevent cryptographic pitfalls by design Goal Raise awareness of cryptographic misuse Disclaimer

910 views • 29 slides

More recommend