...
The implementation of the string_m type is fully visible to the user of the data type after including the string_m.h file. Programmers are consequently more likely to directly manipulate the fields within the structure, violating the software engineering principles of information hiding and data encapsulation and increasing the probability of developing incorrect or non-portable nonportable code.
Compliant Solution
This compliant solution reimplements the string_m type as a private type, hiding the implementation of the data type from the user of the managed string library. To accomplish this, the developer of the private data type creates two include header files: an external "string_m.h" include header file that is included by the user of the data type and an internal file that is included only included in files that implement the managed string abstract data type.
In the external string_m.h file, the string_m type is declared as a pointer to a struct string_mx, which in turn is declared as an incomplete type.
| Code Block | ||
|---|---|---|
| ||
struct string_mx; typedef struct string_mx *string_m; |
In the internal include header file, struct string_mx is fully defined but not visible to a user of the data abstraction.
...
Modules that implement the abstract data type include both the external and internal definitions, while users of the data abstraction include only the external string_m.h file. This allows the implementation of the string_m data type to remain private.
Risk Assessment
...