Input Validation Patterns
Checked Add
Arithmetic checks can reject a result before assigning it to program state.
Checked Add
checked_add.c
#include <limits.h>
#include <stdio.h>
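/*
 * Add two ints, publishing the result only when it is representable and
 * no greater than `limit`.
 *
 * left, right: the operands.
 * limit:       the largest acceptable sum (inclusive).
 * outSum:      receives left + right on success; untouched on rejection.
 *
 * Returns 1 and writes *outSum when left + right <= limit. Returns 0 and
 * leaves *outSum unchanged when the sum exceeds limit, when left + right
 * does not fit in an int, or when outSum is NULL.
 *
 * The bound is tested against INT_MAX / INT_MIN rather than as
 * `right > limit - left`: that subtraction is itself int arithmetic and
 * overflows (undefined behaviour) whenever `left` is negative and `limit`
 * is near INT_MAX, so the rejection test would be the bug.
 */
int checkedAdd(int left, int right, int limit, int *outSum) {
    if (outSum == NULL) {
        return 0;
    }
    /* Signed overflow is undefined, so prove the sum fits before forming it. */
    if (right > 0 && left > INT_MAX - right) {
        return 0;
    }
    if (right < 0 && left < INT_MIN - right) {
        return 0;
    }
    int sum = left + right;
    /* Reject before touching caller state: *outSum is written only on success. */
    if (sum > limit) {
        return 0;
    }
    *outSum = sum;
    return 1;
}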
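/*
 * Demonstrate checkedAdd against a fixed limit and print the outcome.
 *
 * Returns 0. The printed line shows `ok` = 1 only when the sum was
 * accepted; on rejection `sum` keeps its initial value of 0.
 */
int main(void) {
    /* Constructed sample value: the initializer is missing from the page as
       captured (the line read `int right = ;`, which does not compile).
       70 exercises the rejection path, since 40 + 70 > 100. */
    int right = 70;
    int left = 40;
    int limit = 100;
    int sum = 0;
    int ok = checkedAdd(left, right, limit, &sum);
    printf("left=%d right=%d ok=%d sum=%d\n", left, right, ok, sum);
    return 0;
}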
#include <limits.h>
#include <stdio.h>
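/*
 * Add two ints, publishing the result only when it is representable and
 * no greater than `limit`.
 *
 * left, right: the operands.
 * limit:       the largest acceptable sum (inclusive).
 * outSum:      receives left + right on success; untouched on rejection.
 *
 * Returns 1 and writes *outSum when left + right <= limit. Returns 0 and
 * leaves *outSum unchanged when the sum exceeds limit, when left + right
 * does not fit in an int, or when outSum is NULL.
 *
 * The bound is tested against INT_MAX / INT_MIN rather than as
 * `right > limit - left`: that subtraction is itself int arithmetic and
 * overflows (undefined behaviour) whenever `left` is negative and `limit`
 * is near INT_MAX, so the rejection test would be the bug.
 */
int checkedAdd(int left, int right, int limit, int *outSum) {
    if (outSum == NULL) {
        return 0;
    }
    /* Signed overflow is undefined, so prove the sum fits before forming it. */
    if (right > 0 && left > INT_MAX - right) {
        return 0;
    }
    if (right < 0 && left < INT_MIN - right) {
        return 0;
    }
    int sum = left + right;
    /* Reject before touching caller state: *outSum is written only on success. */
    if (sum > limit) {
        return 0;
    }
    *outSum = sum;
    return 1;
}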
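/*
 * Demonstrate checkedAdd against a fixed limit and print the outcome.
 *
 * Returns 0. The printed line shows `ok` = 1 only when the sum was
 * accepted; on rejection `sum` keeps its initial value of 0.
 */
int main(void) {
    /* Constructed sample value: the initializer is missing from the page as
       captured (the line read `int right = ;`, which does not compile).
       70 exercises the rejection path, since 40 + 70 > 100. */
    int right = 70;
    int left = 40;
    int limit = 100;
    int sum = 0;
    int ok = checkedAdd(left, right, limit, &sum);
    printf("left=%d right=%d ok=%d sum=%d\n", left, right, ok, sum);
    return 0;
}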
#include <limits.h>
#include <stdio.h>
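/*
 * Add two ints, publishing the result only when it is representable and
 * no greater than `limit`.
 *
 * left, right: the operands.
 * limit:       the largest acceptable sum (inclusive).
 * outSum:      receives left + right on success; untouched on rejection.
 *
 * Returns 1 and writes *outSum when left + right <= limit. Returns 0 and
 * leaves *outSum unchanged when the sum exceeds limit, when left + right
 * does not fit in an int, or when outSum is NULL.
 *
 * The bound is tested against INT_MAX / INT_MIN rather than as
 * `right > limit - left`: that subtraction is itself int arithmetic and
 * overflows (undefined behaviour) whenever `left` is negative and `limit`
 * is near INT_MAX, so the rejection test would be the bug.
 */
int checkedAdd(int left, int right, int limit, int *outSum) {
    if (outSum == NULL) {
        return 0;
    }
    /* Signed overflow is undefined, so prove the sum fits before forming it. */
    if (right > 0 && left > INT_MAX - right) {
        return 0;
    }
    if (right < 0 && left < INT_MIN - right) {
        return 0;
    }
    int sum = left + right;
    /* Reject before touching caller state: *outSum is written only on success. */
    if (sum > limit) {
        return 0;
    }
    *outSum = sum;
    return 1;
}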
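/*
 * Demonstrate checkedAdd against a fixed limit and print the outcome.
 *
 * Returns 0. The printed line shows `ok` = 1 only when the sum was
 * accepted; on rejection `sum` keeps its initial value of 0.
 */
int main(void) {
    /* Constructed sample value: the initializer is missing from the page as
       captured (the line read `int right = ;`, which does not compile).
       70 exercises the rejection path, since 40 + 70 > 100. */
    int right = 70;
    int left = 40;
    int limit = 100;
    int sum = 0;
    int ok = checkedAdd(left, right, limit, &sum);
    printf("left=%d right=%d ok=%d sum=%d\n", left, right, ok, sum);
    return 0;
}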
pre-check
Checking against `limit - left` rejects the input before the sum is ever computed. Note that the subtraction is itself `int` arithmetic: when `left` is negative and `limit` is near `INT_MAX`, `limit - left` overflows, so the operands must be bounded before this comparison is safe.
output parameter
The function writes through `outSum` only on the success path, so a caller that checks the returned status never observes a rejected value.