...
```c
errno_t validateUser(User usr) {
  if(list_contains(allUsers, usr) == 0) {
    return 303;  /* User not found error code */
  }
  if(list_contains(validUsers, usr) == 0) {
    return 304;  /* Invalid user error code */
  }
  return 0;
}

void processRequest(User usr, Request request) {
  if(!validateUser(usr)) {
    return;  /* "invalid user"; a void function cannot return the string */
  }
  else {
    serveResults();
  }
}
```
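In this code, the programmer intended to add error code functionality to indicate the cause of a validation failure. The new code, however, validates any invalid or nonexisting user: validateUser() returns 0 on success and a nonzero error code on failure, so !validateUser(usr) is true only for a valid user, and every user that fails validation falls through to serveResults(). Because there is no explicit test in processRequest(), the logical error is not obvious and seems correct by certain conventions.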
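The difference between the implicit test and an explicit comparison against the success value, as an added example that is not code from the original page. Integer user ids, the two constructed arrays, and the names `serve_implicit` and `serve_explicit` are assumptions standing in for the page's `User` type, lists and `processRequest()`.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define COUNT(a) (sizeof (a) / sizeof (a)[0])
enum { ERR_NOT_FOUND = 303, ERR_INVALID = 304 };  /* codes from the page */

/* Constructed sample data: ids stand in for the page's User type. */
static const int all_users[]   = { 1, 2, 3 };
static const int valid_users[] = { 1, 2 };

static int list_contains(const int *list, size_t n, int id) {
  for (size_t i = 0; i < n; i++) {
    if (list[i] == id) return 1;
  }
  return 0;
}

/* Returns 0 on success, a nonzero error code on failure. */
int validate_user(int id) {
  if (list_contains(all_users, COUNT(all_users), id) == 0) return ERR_NOT_FOUND;
  if (list_contains(valid_users, COUNT(valid_users), id) == 0) return ERR_INVALID;
  return 0;
}

/* Implicit test, as on the page: !0 is true, so only valid users are refused. */
bool serve_implicit(int id) {
  if (!validate_user(id)) {
    return false;  /* "invalid user" branch */
  }
  return true;     /* results served */
}

/* Explicit test: anything other than the success value 0 is refused. */
bool serve_explicit(int id) {
  if (validate_user(id) != 0) {
    return false;
  }
  return true;
}

int main(void) {
  const int ids[] = { 1, 3, 99 };  /* valid, known but invalid, unknown */
  for (size_t i = 0; i < COUNT(ids); i++) {
    printf("id=%d code=%d implicit=%d explicit=%d\n", ids[i],
           validate_user(ids[i]), serve_implicit(ids[i]), serve_explicit(ids[i]));
  }
  return 0;
}
```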
...