'. '


From APIDesign

(Difference between revisions)
Jump to: navigation, search
(Problems in Solution 11)
(Problems in Solution 11)
Line 63: Line 63:
are not the same, even if the ''keys'' field contains two distinct keys. Petr managed to exploit this with [http://source.apidesign.org/hg/apifest08/file/2ae6e4aa7aef/taskx/psmid/against-solution11/test/apifest/CurrencyTest.java his test]. Congratulation, this is very clever!
are not the same, even if the ''keys'' field contains two distinct keys. Petr managed to exploit this with [http://source.apidesign.org/hg/apifest08/file/2ae6e4aa7aef/taskx/psmid/against-solution11/test/apifest/CurrencyTest.java his test]. Congratulation, this is very clever!
This shows how carefully we need to be while evolving APIs of our libraries. Even slight change in [[Runtime Aspects of APIs]] can lead to [[BackwardCompatibility|incompatibilities]].
=== Problems in Solution 13 ===
=== Problems in Solution 13 ===

Revision as of 08:45, 26 October 2008

The celebration of 10 years of NetBeans releases is in progress and that is why it is also time to celebrate all those who contributed to the NetBeans architecture, and design practices which makes NetBeans platform the most stable Java rich client application framework.

The best way to have fun is to play games. The best way to learn is to play as well. The best way to teach is to organize such game. When me and CZJUG lead Jakub Podlešák realized that, we decided to organize similar game as described in Chapter 17 of TheAPIBook. It is a game to teach, learn and have fun while designing architecture and APIs and practising backward compatibility principles in software interfaces.

There were four base rounds ([[APIFest08:Task1.5|1], 2, 3, 4) in the APIFest08. We started with fourteen participants. However as the competition advanced further and further, only those who really eager to win managed to finish all four design tasks. Still, six solutions advanced to the final judgment day/week.

The judgment round is in fact the start of the real competition. However it is also much more difficult than the first four rounds. Instead of looking into own solution, one needs to dig into solutions provided by others and seek for left compatibility problems which is different and time consuming. Still I am glad that two participants, Petr Šmíd and Jan Žák did not give up and sent me their hacks showing BackwardCompatibility evolution problems in many solutions.


Problems in Solution 04

Both guys managed to find a problem in solution 04. There were multiple problems as demonstrated by Petr, however the most obvious one was source incompatibility caused by the addition of new method into a subclassable interface as shown by Jan and me. The lesson to take is that if one is seeking for 100% BackwardCompatibility one needs to prevent modifications to classes that can be subclassed.

Problems in Solution 06

The author of solution six did few compatibility mistakes. First of all, as Jan demonstrates, the once public field Convertor.one disappeared in subsequent revision, which is clearly incompatible for clients using it.

I found an interesting source incompatibility caused by adding overloaded version of constructor. If there are two methods with the same name and number of parameters, but different types, one can try to call them with null and the compiler will refuse the compilation:

reference to Convertor is ambiguous, both method
and method
        Convertor c = new Convertor(null, cur1, cur2);

Obviously the code compiled before the second method was introduced, but than it failed. This is not that big incompatibility in practise, but it is enough to loose in APIFest08.

Petr exploited another functional incompatibility. The text of a thrown exception changed between two releases. As such it is enough to generate the exception and compare the text. A thing to remember? There are different kinds of APIs, text messages being one of them. For purpose of APIFest08 all of them are equal.

Problems in Solution 07

Problems in Solution 11

This is the solution designed by Jan Žák and it seemed completely unbreakable for me. However, Petr had other opinion. He realized that code like:

private String k1, k2;
boolean canConvert(String s1, String s2) {
  if (k1.equals(s1) && k2.equals(s2)) {
    return true;
  if (k2.equals(s1) && k1.equals(s2)) {
    return true;
  return false;

and more general code as

private List<String> keys;
boolean canConvert(String s1, String s2) {
  if (keys.contain(s1) && keys.contains(s2)) {
    return true;
  return false;

are not the same, even if the keys field contains two distinct keys. Petr managed to exploit this with his test. Congratulation, this is very clever!

This shows how carefully we need to be while evolving APIs of our libraries. Even slight change in Runtime Aspects of APIs can lead to incompatibilities.

Problems in Solution 13

This solution suffered with source as well functional compatibility problems. Jan managed to exploit both, Petr concentrated on the source incompatibility and I on the functional one.

The thing to remember is that as soon as you implement equals, you need to stick with its implementation. Changing it can be exploited either by careful hackers or by everyone who puts the objects into List or other collection classes.

Problems in Solution 14

This is the solution provided by Petr Šmíd. As Petr is one of the last standing hackers, his solution is not easy to break. I managed to exploit change in implementation classes by using obj.getClass().getInterfaces() check. This does not require any additional permissions, everyone can do this, however it is not really fair. If this was the only way to break Petr's solution, I would still consider his work unbreakable.

However Jan Žák created more intrinsic exploit that generates ArrayStoreException, if executed with newer version of the API. The reason for that is that the task4 version wraps all CurrencyRate with own TimeLimitedCurrencyRate objects. As these objects are not used only internally, but also exposed to clients with a getter getCurrencyRates. Then it is enough to pass in own objects and check that the returned values are of the same type. Excellent work Jan!

The lesson to remember is to Separate APIs for Clients and Providers as advocated in Chapter 8.

Personal tools