Protection of code with conversion operators

Absrtact: Inadvertent object conversion is often a serious threat to code security. Fortunately, the conversion operator allows you to enable and disable transformations based on the actual situation, which helps to avoid pathological behavior.

Some objects must be converted to low-level forms, and vice versa. For example, a programmer using a Std::string object must convert it to a char pointer, see the following example:

string inf="mydata.txt";
ifstream infile (inf.c_str());// 必须要转成 const char*

Similarly, Psoix programmers need to convert <fstream> objects to file descriptors to use Local system calls.

How do you let an object automatically convert to its underlying type without compromising code security?

Use the conversion operator and the explicit constructor to create objects with dual interfaces to avoid pathological behavior conversions.

Ask a question:

Commercial and financial applications often represent currency values as objects rather than as primitive floating-point types. There are several reasons to do this:

Type safety: human error is more easily found;

Portability: Because the user hides implementation details, the code has better portability;

Business logic: Classes allow you to enforce business logic rules. For example: The US dollar (US dollar) class knows that one dollar is 100 cents (cents), while the Kuwaiti dinar (dinar) class knows that one dinar is 1000 fiers (fils). This difference will affect the I/O format.

The following is a simplified class that represents the U.S. currency:

class USD
{
private:
　　__int64 dollars; //或者 long long, 依赖编译器
　　int cents;
public:
　　 USD(__int64 d=0, int c=0) :
　　　dollars(d), cents(c) {}
　　　friend bool operator==(const USD& d1, const USD& d2);
　　　//...other overloaded operators and functions
};　　

Alas, many mathematical functions such as POW () and sqrt () only recognize floating-point variables. To overcome this problem people are always overloaded with relational operators and operators. However, you will find that this will bring a lot of unnecessary coding, testing and maintenance work. All you want is a dual interface: in the appropriate context, the USD class object should provide the benefits listed above, in addition to providing a secure, automatic conversion to the base type.