first POST/ Program

Hey all, this is my first post here, and so far I love C++. I saw an example program that determines the possible ways to reach a monetary total with coins and thought, hey, I suck at cash registers, I'd like a program to tell me how to make change, and here it is. This is my first program, and I "coded" it (if you can call it that) by myself. Please give advice or criticism. Thanks.

#include <iostream>

using namespace std;


double dTotal;double dTotal2;double dQuart;double dRem;int iTotal;double dINIT;
double dVar;double fVar;double iextra;double dDimes;double dNick;double dPenn;
int main()
{
    cout << "Amount to be calculated:" ;
    cin >> dTotal;
    cout << "Amount Entered: $" << dTotal << endl;
    dQuart = dTotal / .25;
    iTotal = dQuart;
    cout << iTotal << " Quarters"<<endl;
    dVar = iTotal * .25 ;
    fVar = dTotal - dVar;
    iextra = fVar;
    dDimes = iextra / .10;
    iTotal = dDimes;
    cout << iTotal << " Dimes" << endl;
    dVar = iTotal *.10;
    iextra = fVar - dVar;
    dNick = iextra / .05;
    iTotal = dNick;
    cout << iTotal << " Nickles" << endl;
    dVar =iTotal * .05;
    fVar = iextra - dVar;
    dPenn =  fVar / .01;
    cout << dPenn << " Pennies" << endl;

    return 0;
}
Hmm, my only comment is that if you're going to declare a lot of variables in one line, you might want to try doing it like this instead.

 
double dTotal, dTotal2, dQuart, dRem, dINIT, dVar, fVar, iextra, dDimes, dNick, dPenn;


Although personally I think putting variable declarations in a single line is a bit ugly style-wise. And if I remember correctly, it's frowned upon by the CERT secure coding standards because it's confusing when you use it with pointers. If you want more information on that, you can read about it at

https://www.securecoding.cert.org/confluence/display/seccode/DCL04-C.+Do+not+declare+more+than+one+variable+per+declaration

It's a low risk severity anyway, so if you really want to do that, I think you can try sticking to a max of 3 or 4 variables in a line, like so...

double dTotal, dTotal2, dQuart;
double dRem, dINIT, dVar, fVar;
double iextra, dDimes, dNick, dPenn;
Thanks for the reply. As I looked at other source examples, I saw how well documented some of them were and realized that mine is, well, not. So from a readability standpoint I get what that CERT site said, but how is that insecure? Pardon my ignorance.

P.S. Thanks for the var tips. I typed double a lot and now I don't have to. THANKS!!!
Well, I think it's really only a security issue when you use it with pointers. For example, if one of your variables was a pointer to a double. I changed dDimes to a pointer so you can see the idea more clearly.

 
double dTotal, dTotal2, dQuart, dRem, dINIT, dVar, fVar, iextra, *dDimes, dNick, dPenn;


Well, then some other programmer you are working with looks at your code, doesn't check carefully, thinks all of them are doubles, and tries to do something with it. Possibly something like:

dDimes = 0;
dDimes = dDimes + 10;


Although things like that are highly unlikely to happen, they still might. And it may result in a buffer overflow or something, because it's suddenly pointing to a random memory location instead of adding 10 to the variable, which the programmer is possibly assuming.

Anywho, the following is a quote from Wikipedia about buffer overflows.


In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a process stores data in a buffer outside the memory the programmer set aside for it. The extra data overwrites adjacent memory, which may contain other data, including program variables and program flow control data. This may result in erratic program behavior, including memory access errors, incorrect results, program termination (a crash), or a breach of system security.

Buffer overflows can be triggered by inputs that are designed to execute code, or alter the way the program operates. They are thus the basis of many software vulnerabilities and can be maliciously exploited. Bounds checking can prevent buffer overflows.
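
The declaration pitfall discussed in this thread (DCL04-C), as an added example that is not from any poster: it checks at compile time which names in a multi-variable declaration are actually pointers, then contrasts `x = x + 10` on a double with the same expression on a `double*`. The names dNick, dDimes and dPenn are reused from the thread; pFirst, pSecond, coinValue, coinSlot and both functions are hypothetical.

```cpp
#include <cstddef>
#include <type_traits>

// Declarations mirroring the thread: only the name carrying '*' becomes a
// pointer; every other name on the line is a plain double.
double dNick, *dDimes, dPenn;
static_assert(std::is_same<decltype(dNick), double>::value, "plain double");
static_assert(std::is_same<decltype(dDimes), double*>::value, "pointer to double");
static_assert(std::is_same<decltype(dPenn), double>::value, "plain double");

// The '*' binds to the declarator, not the type, so this line also yields
// one pointer and one double even though it reads like two pointers.
double* pFirst, pSecond;
static_assert(std::is_same<decltype(pFirst), double*>::value, "pointer");
static_assert(std::is_same<decltype(pSecond), double>::value, "not a pointer");

// DCL04-C style: one declaration per line, so each type is explicit.
double  coinValue = 0.10;
double* coinSlot  = nullptr;

// "x = x + 10" on a double adds 10 to the stored value.
double addTenToValue(double x) {
    x = x + 10;
    return x;
}

// The same expression on a double* moves the address forward by 10 elements.
// Returns the distance moved in bytes; the 16-element array (constructed for
// this example) keeps the arithmetic inside a valid object.
std::ptrdiff_t addTenToPointer() {
    static double coins[16] = {};
    double* p = coins;
    double* q = p;
    q = q + 10;  // now points at coins[10]; no value was changed
    return reinterpret_cast<char*>(q) - reinterpret_cast<char*>(p);
}

int main() {
    const std::ptrdiff_t expected = 10 * static_cast<std::ptrdiff_t>(sizeof(double));
    return (addTenToValue(0.0) == 10.0 && addTenToPointer() == expected) ? 0 : 1;
}
```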
