Note for Defensive Programming

1.Check Parameters

参数检查

–Don’t trust the inputs

–Fail quickly and cleanly

–Document exceptions that will be thrown including unchecked exceptions

-For unexported (non-public) methods, assert the validity of parameters

2.Exceptions are not for control flow

*异常仅用于例外情况，尽量使用标准异常库

-Exceptions should never be used for ordinary control flow

-Well-designed APIs do not force clients to program to exceptions

3.Cater for client assumptions

-Return empty arrays or collections, not nulls

4.Defensive copying

对于每个可变参数的赋值和构造进行防御性拷贝

-Make defensive copies when needed

*Perform defensive copying before checking validity

*For get methods, return defensive copies of mutable internal fields

5.Immutability