On Dec 28, 2014, at 5:59 AM, d...@geer.org wrote:
> Is anyone here in a position to tell me what percentage
> of various/aggregate code bases are in exception handling
> blocks? There is this old rule that 40% of total code
> should be in exception handling; I wonder if any static
> analysis work is routinely measuring this or if there is
> a langsec theoretical argument w.r.t. that rule of thumb.
I confess I have a raised eyebrow at that 40% number. My quick thought runs in
this vein:
Suppose all code is in an if-then-else. In this case, 50% is in an else clause.
Bear with me, as there's no difference between a then and an else, because "if
x" and "if !x" differ only in point of view. So -- why would 40% be exception
processing? While we're at it, what's an "exception" as opposed to a mere other
clause? Yeah, yeah, I know it when I see it, too, but how would you define it
formally?
We also know that 80% of all statistics are made up on the spot just to prove
the author's point. How do we know this isn't one of that 80%?
Jon
_______________________________________________
langsec-discuss mailing list
langsec-discuss@mail.langsec.org
https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
