Java Reference
In-Depth Information
7. Some programming languages, such as Ada, require that within a for
loop, the loop index should be treated like a constant. That is, the only
way that a loop index can change is via the loop updatemechanism listed
in the loop header. Thus (using Java syntax):
for (i=1;i<100;i++)
print(i)
is legal, but:
for (i=1;i<100;i++)
print(--i)
is not legal.
Explain how to change the semantic analysis visitor of Section 9.1.4 to
enforce read-only access to a loop index within a loop body.
8. When methods are used as functions, calls may be nested . Thus, given a
method:
int t(int a, int b, int c){ ... }
the following call is legal:
z = t(0, 1, t(2, t(3,4,5), 6));
Are the semantic analysis techniques developed in Section 9.2 adequate
to handle nested method calls? What if the methods being called are
overloaded?
9.
(a) Certain data that a method manipulates may require special protec-
tion. For example, a password or account number should only be
”touched” by code we know to be trustworthy.
Assume that in a program we can mark a variable as secure.A
secure variable can only be manipulated by methods within the
package containing the original declaration of the secure variable.
Outline how the semantic analysis techniques of this chapter can
be used to verify that a secure variable does not ”leak” out of the
package that ”owns” it.
(b) The analysis suggested in part (a) may be too restrictive in that it
disallows the use of all library methods, even very benign ones.
Suggest a way of tagging selected library methods as ”trusted.” We
will generalize the security analysis of part (a) by allowing secure
data to be passed to trusted library methods. Note that library
methods that can print a variable or write it into a file are never
trusted.
 
Search WWH ::




Custom Search