When to validate?

From: Arcane Jill (arcanejill@ramonsky.com)
Date: Fri Dec 10 2004 - 08:46:16 CST

  • Next message: Marcin 'Qrczak' Kowalczyk: "Re: When to validate?"

    Here's something that's been bothering me. Suppose I write a function -
    let's call it trim(), which removes leading and trailing spaces from a
    string, represented as one of the UTFs. If I've understood this correctly,
    I'm supposed to validate the input, yes?

    Okay, now suppose I write a second function - let's call it tolower(), which
    lowercases a string, again represented as one of the UTFs. Again, I guess
    I'm supposed to validate the input. yes?

    And yet, in an expression such as tolower(trim(s)), the second validation is
    unnecessary. The input to tolower() /must/ be valid, because it is the
    output of trim(). But on the other hand, tolower() could be called with
    arbitrary input, so I can't skip the validation.

    For efficiency, I /could/ assume that all input was already valid - but
    then, what if it isn't? Or I could validate all input - but that's
    inefficient. Or I could write two versions of each function, one validating,
    the other not, but that adds too much complexity. It seems to me that not
    validating input to such functions would give you the best performance, but
    then in order to remain compliant you'd have to do the validation somewhere
    else - for example something like

    t = tolower(trim(validate(s))).

    where validate(s) does nothing but throw an exception if s is invalid.

    Other people must have had to make decisions like this. What's the preferred
    Arcane Jill

    This archive was generated by hypermail 2.1.5 : Fri Dec 10 2004 - 08:54:32 CST