Redundant testing by caller and by callee as a style of defensive programming is largely discredited within the C and C++ community, the main problem being performance. The usual discipline in C and C++ is to require validation only on one side of each interface.

Requiring the caller to validate arguments can result in faster code, because the caller may understand certain invariants that prevent invalid values from being passed. Requiring the callee to validate arguments allows the validation code to be encapsulated in one location, reducing the size of the code and making it more likely that these checks are performed in a consistent and correct fashion.

For safety and security reasons, this standard recommends that the called function validate its parameters. When writing a library, each exposed function should perform a validity check on its parameters. Validity checks allow the library function to survive at least some forms of improper usage, enabling an application using the library function to likewise survive, and often simplifying the task of determining the condition that caused the invalid parameter.
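The following added example (not part of the original standard text) shows callee-side validation at a library boundary: the exposed function checks every parameter once and returns a distinct status per failure, while the internal helper trusts those checks. The `rec_*` names, status codes and sample record are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes; all names here are assumptions for the example. */
enum rec_status { REC_OK = 0, REC_ENULL = -1, REC_ERANGE = -2, REC_ENOSPC = -3 };

/* Internal helper: not exposed, so it trusts the checks made at the boundary
 * and does not repeat them. */
static void copy_unchecked(unsigned char *dst, const unsigned char *src,
                           size_t off, size_t n) {
    memcpy(dst, src + off, n);
}

/* Exposed library function: validates every parameter before use and
 * reports which condition failed instead of reading or writing out of bounds. */
int rec_extract(unsigned char *dst, size_t dst_len,
                const unsigned char *src, size_t src_len,
                size_t off, size_t n) {
    if (dst == NULL || src == NULL)
        return REC_ENULL;
    /* Overflow-safe form of "off + n <= src_len": the sum could wrap. */
    if (off > src_len || n > src_len - off)
        return REC_ERANGE;
    if (n > dst_len)
        return REC_ENOSPC;
    copy_unchecked(dst, src, off, n);
    return REC_OK;
}

/* Constructed sample input: a 10-byte record and an 8-byte output buffer. */
int demo_extract(size_t off, size_t n) {
    static const unsigned char rec[] = "HDRpayload";
    unsigned char out[8] = {0};
    return rec_extract(out, sizeof out, rec, sizeof rec - 1, off, n);
}

int main(void) {
    printf("valid slice:      %d\n", demo_extract(3, 5));
    printf("wrapping length:  %d\n", demo_extract(3, SIZE_MAX));
    printf("output too small: %d\n", demo_extract(0, 9));
    printf("null pointers:    %d\n", rec_extract(NULL, 0, NULL, 0, 0, 0));
    return 0;
}
```

The distinct return values are what make the invalid parameter easy to diagnose: a caller that passes a wrapping length gets `REC_ERANGE` rather than a crash somewhere inside `memcpy`.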

...