How can change the implementation of my code to make it more secure?

**weaknessforcats** · Mar 23 '17, 01:11 AM

I will make several posts since yuou have several questions.

First question: How can two variables have the same name and not conflict in C++ code.

Answer: They conflict just like they do in C. However, you can protect yourself by using a namespace:

Code:

namespace deseals22
{

int data;

}

The name of this variable is deseals22::data . Not unless someone else is also using the deseals22 namespace will there be a problem.

Read this: https://bytes.com/topic/c/insights/7...obal-variables

**weaknessforcats** · Mar 23 '17, 01:24 AM

In a class:

Code:

class Test
{
  private:
    int data;

  public:

    void funct(int data);
}

Here you have to tell the compiler which data you are using. The class member or the class member function. The code for the member function looks like:

Code:

void Test::funct(int data)
{

   data = data;
}

This tells the compiler to assign the function argument to itself. Not good.

Code:

void Test::funct(int data)
{

   this->data = data;
}

This code tells the compiler to assign the function argument to the object's data member. The address of the object is placed into the this pointer when the member function is called. It is passed as a hidden first argument. Yes it's true, this member function has 2 arguments.

PRIME RULE: Every use of a class member should be precedes by this->. Period. Every time.

You can only use the this pointer inside a class member function.

**weaknessforcats** · Mar 23 '17, 01:32 AM

Why should you not allow direct access to a class data members?

Suppose the data member must have a value between 1 and 20 and I change it using my own code to 347382? They do this in C and they have one crisis after another. Usually, I hear "I don't want my creativity spoiled by some blah blah..."

Actually, the programmer is lazy and doesn't want to follow any rules at all.

The way out of this is to lock up the class data member and provide access to it only through a class member function which you provide which will insure the class data member has the correct range of values.

Any other procedure will fail and your application will crash. I have scars to prove this.

**weaknessforcats** · Mar 23 '17, 01:43 AM

In your code example, your main should look like:

Code:

int main()
{
   Dog fido("Fido");
   Cat spot("Spot");
   
   cout << "Dog's name is: " << fido.getname() << end;
   cout << "Cat's name is: " << spot.getname() << end   

}

Here you can't see how the name is implemented. This leaves you free to implement the name differently without having to change this user code.

Expose you are using a C++ string object and have your user tie 100,000 lines of code to this implementation and you have just killed you ability to evolve your application. This may be a career ending move.

**weaknessforcats** · Mar 23 '17, 01:46 AM

BTW: Why do your ctors have displays in them???

A ctor initializes your class members and quits.

You really have no idea how your class data needs to be displayed. Only the user knows that. So remove all displays from your class code before your users come after you with flaming red eyes.

**dseals22** · Mar 23 '17, 01:50 AM

@weaknessforcat s, What do you mean "ctors"?

**weaknessforcats** · Mar 23 '17, 01:54 AM

A ctor is a common term for constructor. I don't have to type so many letters. Remember about lazy programmers?

There is also a dtor for destructor.

**dseals22** · Mar 23 '17, 01:56 AM

@weaknessforcat s, Okay I understand.But programmers might want to still spell things out just in case there is a miscommunicatio n between you and people.

**dseals22** · Mar 23 '17, 02:01 AM

@weaknessforcat s, Thank you so much for answering all my questions, but do you have any online references where I can read more about these things? I am just starting to learn about classes and scope, and function in C++

**dseals22** · Mar 23 '17, 02:05 AM

@weaknessforcat s, Do you mean remove all the cout << statements for each one of my class constructors? This is because I will eventually display the output of the Dog's name and Cat's name in the main function?

**dseals22** · Mar 23 '17, 02:10 AM

@weaknessforcat s,Do the getname() functions that I will have for each class work just like they do in Java? Or do you have to do it another way?

**weaknessforcats** · Mar 23 '17, 05:18 PM

What I did when I started was to read a C++ textbook and solve all the problems using a real compiler. When I finished the book I got another one and repeated the process. I never read the same book twice. At the same time I took C++ classes at a community college. It took me 3 years to get good enough to get hired.

I tell my students that one time I was getting my haircut and asked the barber what it took to get a barber license. OOoohh he said that took 6 weeks of school and 1800 hours or haircutting. I thought: 6 weeks is about 200 hours plus the 1800 hours of practice comes to about 2000 hours. So I say C++ is as easy as cutting hair: 2000 hours of practice and you're there.

**weaknessforcats** · Mar 23 '17, 05:25 PM

Yes you remove those couts from your constructors.

All the constructor is for is to initialize your class data members. That's it.

This is part of a larger concept: A function is to do one thing. The less a function does the more places you can use it.

I guess my question is: How do you know how the data is to be displayed???? I mean in real life you write the class and other people use it so how can you know what their display requirements are?

A C++ class should never have a display in it.

**weaknessforcats** · Mar 23 '17, 05:29 PM

I don't know Java so I can't answer your question.

At your level just write a member function that returns a copy of your class data member. That is, do not return a reference to your class data member. References are not copies they are alternate names for the data member. A hacker could use the reference to access your data member as though you had made it public.

How can change the implementation of my code to make it more secure?

How can change the implementation of my code to make it more secure?

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment