Al Eridani <[EMAIL PROTECTED]> wrote:

> If the design says "For each fund that the user owns, do X" and my
> code does X for all the funds but it skips the most recently acquired
> fund, I see it as a "manufacturing" error.
> On the other hand, if a user sells all of her funds and the design
> does not properly contemplate the situation where no funds are owned
> and therefore the software misbehaves, I see it as a "design" error.

Maybe I'm confused, but...

If the design in your second case is still the same one -- "For each 
fund that the user owns, do X" -- then this second example, like your 
first, is NOT a design error but an implementation (or "manufacturing" 
if you prefer) error.  (Both are (probably) due to some or other form 
of improper bounds checking, and probably due to naïve use of zero-
based counters controlling a loop...  8-) )

The design "For each fund that the user owns, do X" clearly (well, to 
me -- am I odd in this?) says that NOTHING be done if the number of 
funds is zero, hence the second result is an implementation error.


Nick FitzGerald

Secure Coding mailing list (SC-L)