Offensive programming is a name used for the branch of
defensive programming
Defensive programming is a form of defensive design intended to develop programs that are capable of detecting potential security abnormalities and make predetermined responses. It ensures the continuing function of a piece of software under un ...
that expressly departs from defensive principles when dealing with errors resulting from
software bug
A software bug is a design defect ( bug) in computer software. A computer program with many or serious bugs may be described as ''buggy''.
The effects of a software bug range from minor (such as a misspelled word in the user interface) to sev ...
s. Although the name is a reaction to extreme interpretations of defensive programming, the two are not fundamentally in conflict. Rather, offensive programming adds an explicit priority of not
tolerating errors in wrong places: the point where it departs from extreme interpretations of defensive programming is in preferring the presence of errors from within the program's line of defense to be blatantly obvious over the hypothetical safety benefit of tolerating them.
This preference is also what justifies using
assertions.
Distinguishing errors
The premise for offensive programming is to distinguish between expectable errors, coming from outside the program's line of defense, however improbable, versus preventable internal errors that shall not happen if all its software components behave as expected.
Contrasting examples:
Bug detection strategies
Offensive programming is concerned with failing, so to disprove the programmer's assumptions. Producing an error message may be a secondary goal.
Strategies:
* No unnecessary checks: Trusting that other software components behave as specified, so to not paper over any unknown problem, is the basic principle. In particular, some errors may already be guaranteed to crash the program (depending on programming language or running environment), for example dereferencing a
null pointer
In computing, a null pointer (sometimes shortened to nullptr or null) or null reference is a value saved for indicating that the Pointer (computer programming), pointer or reference (computer science), reference does not refer to a valid Object (c ...
. As such, null pointer checks are unnecessary for the purpose of stopping the program (but can be used to print error messages).
*
Assertions – checks that can be disabled – are the preferred way to check things that should be unnecessary to check, such as
design contracts between software components.
* Remove fallback code (''limp mode'') and fallback data (''default values''): These can hide defects in the main implementation, or, from the user point of view, hide the fact that the software is working suboptimally. Special attention to unimplemented parts may be needed as part of
factory acceptance testing, as yet unimplemented code is at no stage of
test driven development discoverable by failing
unit tests.
* Remove shortcut code (see the
strategy pattern
In computer programming, the strategy pattern (also known as the policy pattern) is a behavioral software design pattern that enables selecting an algorithm at runtime. Instead of implementing a single algorithm directly, code receives runtime ins ...
): A simplified code path may hide bugs in a more generic code path if the generic code almost never gets to run. Since the two are supposed to produce the same result, the simplified one can be eliminated.
See also
*
Fail-fast system
References
{{Reflist, 32em, refs=
[{{cite web, title=Offensive Programming, url=http://c2.com/cgi/wiki?OffensiveProgramming, publisher=Cunningham & Cunningham, Inc., accessdate=4 September 2016]
[{{cite web, last1=Broadwall, first1=Johannes, title=Offensive programming, url=http://johannesbrodwall.com/2013/09/25/offensive-programming/, website=Thinking Inside a Bigger Box, accessdate=4 September 2016, date=25 September 2013]
Programming paradigms
Programming principles