Introduction

This article is about a Windows application and presents a more involved example that uses Regular Expressions to validate name, address and telephone number information input by a user. Before explaining the sample I would like to provide a little explanation of Regular Expressions.
In this noncompliant code example,

    #include <stdio.h>

    /* Sets some internal state in the library */
    extern int setfile(FILE *file);

    /* Performs some action using the file passed earlier */
    extern int usefile(void);

    static FILE *myFile;

    int setfile(FILE *file) {
        myFile = file;  /* stored without any validation */
        return 0;
    }

    int usefile(void) {
        /* Perform some action using myFile here */
        return 0;
    }

The vulnerability can be more severe if the internal state references sensitive or system-critical data.
This process continues until the event handler validates the user input in all the Text Boxes or until a validation fails.
If all of the fields contain valid information then the program displays a message dialog stating this, and the program exits when the user dismisses the dialog.
Requiring the caller to validate arguments can result in faster code because the caller may understand certain invariants that prevent invalid values from being passed.
Requiring the callee to validate arguments allows the validation code to be encapsulated in one location, reducing the size of the code and making it more likely that these checks are performed in a consistent and correct fashion.
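Callee-side validation applied to the setfile()/usefile() interface from the noncompliant example above. This is an added example, not code from the original page; the -1/EINVAL error convention and the fputs() action inside usefile() are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>

/* Library-internal state; only reachable through the two functions below. */
static FILE *myFile = NULL;

/* Callee validates its argument: a null stream is rejected, not stored. */
int setfile(FILE *file) {
    if (file == NULL) {
        errno = EINVAL;
        return -1;
    }
    myFile = file;
    return 0;
}

/* Callee validates internal state: refuse to act if setfile() never succeeded. */
int usefile(void) {
    if (myFile == NULL) {
        errno = EINVAL;
        return -1;
    }
    /* Constructed action for this example: write one line to the stream. */
    if (fputs("record\n", myFile) == EOF) {
        return -1;
    }
    return 0;
}

int main(void) {
    /* Calls made in the wrong order or with bad input fail cleanly. */
    printf("usefile() before setfile(): %d\n", usefile());
    printf("setfile(NULL): %d\n", setfile(NULL));
    /* A valid stream is accepted, after which usefile() may proceed. */
    printf("setfile(stdout): %d\n", setfile(stdout));
    printf("usefile() after setfile(): %d\n", usefile());
    return 0;
}
```

Because both checks live in the callee, every caller gets the same behaviour without repeating the validation.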