From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=unavailable autolearn_force=no version=3.4.4 Path: eternal-september.org!reader01.eternal-september.org!reader02.eternal-september.org!news.eternal-september.org!news.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail From: Jeffrey Carter Newsgroups: comp.lang.ada Subject: Re: A question about private types Date: Thu, 12 Jun 2014 10:20:55 -0700 Organization: Also freenews.netfront.net; news.tornevall.net; news.eternal-september.org Message-ID: References: <$ql0lCCpEcmTFwCt@ada-augusta.demon.co.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Injection-Date: Thu, 12 Jun 2014 17:20:57 +0000 (UTC) Injection-Info: mx05.eternal-september.org; posting-host="ba346f17b503f6aa8ecbfd6d1e2a9f59"; logging-data="14482"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+JHGXGg9ZLbH9PsL9bR5xQ0oHLoTFP/58=" User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 In-Reply-To: <$ql0lCCpEcmTFwCt@ada-augusta.demon.co.uk> Cancel-Lock: sha1:wAmm32H1CWALywmq0klOlgANfMU= Xref: news.eternal-september.org comp.lang.ada:20259 Date: 2014-06-12T10:20:55-07:00 List-Id: On 06/12/2014 08:03 AM, Mike H wrote: > > My instinct is that the package below is vulnerable to erroneous use > because the "Address" component of "Cell_type" can be changed. I suspect > that this vulnerability could be removed if "Grid_index_type" is made > read only. I have attempted to make it a private type but it then > becomes non-discrete and can no longer be used as a parameter in > functions such as "Line_of". There's no reason a function can't have a parameter of a private type. > > type Grid_index_type is range 1 .. 81; > > -- to simplify mapping in either direction each cell contains its own > -- (home) address within the grid > type Cell_type is > record > Address : Grid_index_type; -- ========== vulnerable? > Data : Cell_data; > end record; > type Grid_type is array (Grid_index_type) of Cell_type; A private type can't be used as an array index as you're doing here, however. Perhaps that's really what you're complaining about. Even if Grid_Index_Type were private, Address could still be changed. Address would be harder to change if it were a discriminant: type Cell_Type (Address: Grid_Index_Type := Some_Initial_Value) is record Data : Cell_Data; end record; The default is needed for Cell_Type to be definite and so usable as the component type of an array type. You can still change Address by assigning to the whole record. If that's not good enough, I'd make Cell_Type limited private, and provide Address and Data functions and a Set procedure that takes a Cell_Data. -- Jeff Carter "My mind is a raging torrent, flooded with rivulets of thought, cascading into a waterfall of creative alternatives." Blazing Saddles 89