Reading notes on "151 Suggestions for Improving Java Programs": numerical boundaries

Suggestion 24: Boundaries, Boundaries, and Again Boundaries
The electronic products made by a certain vendor are very popular and must be booked 30 days in advance. The vendor also caps the number of products a member may own, to prevent hoarding and overstocking. The booking process for a member is: log in to the official website, select the product model, set the quantity to book, and submit. If the order meets the rules, the member is told the order succeeded; if not, that the order failed. The back-end processing logic is simulated as follows:
    import java.util.Scanner;

    public class Client {
        // The maximum number of products a member may own
        public final static int LIMIT = 2000;

        public static void main(String[] args) {
            // The number of products the member currently owns
            int cur = 1000;
            Scanner input = new Scanner(System.in);
            System.out.print("Please enter the quantity to be reserved: ");
            while (input.hasNextInt()) {
                int order = input.nextInt();
                // The sum of the currently owned and newly ordered products must not exceed the limit
                if (order > 0 && order + cur <= LIMIT) {
                    System.out.println("You have successfully booked " + order + " products!");
                } else {
                    System.out.println("Exceeded limit, booking failed!");
                }
            }
        }
    }
This is a simple order-processing program, where cur is the number of products the member already owns and LIMIT is the maximum number of products a member may own (in reality both would of course come from the database; this is only a simulation). If the sum of the quantity being booked and the quantity already owned exceeds the maximum, the booking fails; otherwise the order succeeds. The business logic is very simple, and the order quantity is also strictly checked in the web interface (for example, it cannot be negative and cannot exceed the maximum quantity). But things did not go as planned: within two hours of operation, abnormal data appeared in the database, with the sum of a member's owned and reserved products far greater than the limit. How could this be? The program logic cannot be wrong. So how did it happen? Let's simulate it, starting with a first input:
    Please enter the quantity to be reserved: 800
    You have successfully booked 800 products!
This fully meets the conditions, so there is no problem. Continue with another input:
    Please enter the quantity to be reserved: 2147483647
    You have successfully booked 2147483647 products!
See, this number far exceeds the limit of 2000, yet the reservation succeeded. Amazing! Does the number 2147483647 look familiar? That's right, it is the maximum value of the int type. Someone entered the maximum value, which invalidated the check condition. Why? Look at the program: the value of order is 2147483647, so adding 1000 exceeds the range of int and the result is -2147482649, which is of course less than the positive number 2000! The cause can be summed up in one sentence: an out-of-range number invalidates the check condition.

In unit testing there is a kind of test called boundary testing (also called critical testing). If a method receives a parameter of type int, the following three values must be tested: 0, the positive maximum and the negative minimum, of which the positive maximum and the negative minimum are the boundary values. If there are no problems with these three values, the method is relatively safe and reliable. In our case, the lack of boundary testing resulted in a severe deviation in the production system.
Maybe you are wondering: since the web interface is strictly validated, how can such a large number as 2147483647 still be entered? Does it mean the web validation is not strict? No, that is not the case. Web validation is implemented in the page with JavaScript, which can only restrict ordinary users (here meaning users who do not understand HTML, HTTP and Java). For experts these checks are basically decoration. HTTP is transmitted in plain text: intercept it a few times, analyze the data structure, then write a simulator, and all the front-end validation goes up in smoke! Submitting whatever data you like to the back end is then easy, isn't it?!
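The overflow described above and the boundary values listed for int parameters (0, positive maximum, negative minimum) can be checked together on the server side. The following is an added example, not code from the book or from these notes; the class name BookingCheck and the methods vulnerableCheck, safeCheck and safeCheckAddExact are made up for illustration, and cur is assumed to be a trusted stored value between 0 and LIMIT.

```java
public class BookingCheck {
    /** Maximum number of products a member may own (same value as LIMIT on the page). */
    static final int LIMIT = 2000;

    /** The condition from the page: order + cur wraps around for a very large order. */
    static boolean vulnerableCheck(int cur, int order) {
        return order > 0 && order + cur <= LIMIT;
    }

    /** Compare against the remaining quota; LIMIT - cur cannot overflow when 0 <= cur <= LIMIT. */
    static boolean safeCheck(int cur, int order) {
        if (cur < 0 || cur > LIMIT) {
            throw new IllegalArgumentException("stored quantity out of range: " + cur);
        }
        return order > 0 && order <= LIMIT - cur;
    }

    /** Alternative: keep the addition, but let Math.addExact reject the overflow. */
    static boolean safeCheckAddExact(int cur, int order) {
        try {
            return order > 0 && Math.addExact(order, cur) <= LIMIT;
        } catch (ArithmeticException overflow) {
            return false; // the sum does not fit in an int, so it certainly exceeds LIMIT
        }
    }

    public static void main(String[] args) {
        int cur = 1000; // constructed sample value, as in the page's simulation
        // The three boundary values named on the page, plus values around the quota edge.
        int[] orders = {0, Integer.MAX_VALUE, Integer.MIN_VALUE, 800, 1000, 1001};
        for (int order : orders) {
            boolean v = vulnerableCheck(cur, order);
            boolean s = safeCheck(cur, order);
            boolean a = safeCheckAddExact(cur, order);
            System.out.printf("order=%d vulnerable=%b safe=%b addExact=%b%n", order, v, s, a);
            // Both hardened checks must agree and accept only orders that fit the quota.
            if (s != a || s != (order >= 1 && order <= LIMIT - cur)) {
                throw new AssertionError("hardened checks disagree for order=" + order);
            }
        }
    }
}
```

Only the Integer.MAX_VALUE row differs between the original condition and the hardened ones, which is why a boundary test with that value would have caught the defect before production.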
