C++核心準(zhǔn)則SL.con.3:避免越界錯(cuò)誤
SL.con.3: Avoid bounds errors
SL.con.3:避免越界錯(cuò)誤
Reason(原因)
Read or write beyond an allocated range of elements typically leads to bad errors, wrong results, crashes, and security violations.
超越分配得到的范圍讀寫元素通常會(huì)導(dǎo)致惡劣的錯(cuò)誤,不正確的結(jié)果,沖突,和安全違反。
Note(注意)
The standard-library functions that apply to ranges of elements all have (or could have) bounds-safe overloads that take?span. Standard types such as?vector?can be modified to perform bounds-checks under the bounds profile (in a compatible way, such as by adding contracts), or used with?at().
適用于某個(gè)范圍內(nèi)元素的標(biāo)準(zhǔn)庫(kù)函數(shù)都有(或會(huì)有)一個(gè)適用span參數(shù)的邊界安全的重載函數(shù)。類似vector的標(biāo)準(zhǔn)類型可以被改寫以便執(zhí)行符合邊界規(guī)則群組要求的邊界檢查(以兼容的方式,例如通過增加契約)或者通過at()訪問元素。
Ideally, the in-bounds guarantee should be statically enforced. For example:
理想情況下,應(yīng)該靜態(tài)實(shí)現(xiàn)邊界內(nèi)保證。例如:
a range-for?cannot loop beyond the range of the container to which it is applied
范圍for循環(huán)不會(huì)超越它操作的容器的范圍。
a?v.begin(),v.end()?is easily determined to be bounds safe
v.begin(),v.end()這種用法很容易判斷是否邊界安全。
Such loops are as fast as any unchecked/unsafe equivalent.
這樣的循環(huán)和不檢查邊界、不保證安全的等價(jià)物同樣快。
Often a simple pre-check can eliminate the need for checking of individual indices. For example
通常,簡(jiǎn)單的事前檢查可以消除檢查獨(dú)立索引的需要。例如:
for?v.begin(),v.begin()+i?the?i?can easily be checked against?v.size()
對(duì)于v.begin(),v.begin()+i,i可以簡(jiǎn)單的通過v.size()進(jìn)行檢查。
Such loops can be much faster than individually checked element accesses.
這樣的循環(huán)可以比逐個(gè)檢查元素訪問的情況快很多。
Example, bad(反面示例)
void f()
{
array a, b;
memset(a.data(), 0, 10); // BAD, and contains a length error (length = 10 * sizeof(int))
memcmp(a.data(), b.data(), 10); // BAD, and contains a length error (length = 10 * sizeof(int))
}
Also,?std::array<>::fill()?or?std::fill()?or even an empty initializer are better candidate than?memset().
同樣,std::array<>::fill()或std::fill(),甚至空初始化器都可以作為memset的更好選擇。
Example, good(范例)
void f()
{
array a, b, c{}; // c is initialized to zero
a.fill(0);
fill(b.begin(), b.end(), 0); // std::fill()
fill(b, 0); // std::fill() + Ranges TS
if ( a == b ) {
// ...
}
}
Example(示例)
If code is using an unmodified standard library, then there are still workarounds that enable use of?std::array?and?std::vector?in a bounds-safe manner. Code can call the?.at()?member function on each class, which will result in an?std::out_of_range?exception being thrown. Alternatively, code can call the?at()?free function, which will result in fail-fast (or a customized action) on a bounds violation.
如果代碼使用的是未經(jīng)修改的標(biāo)準(zhǔn)庫(kù),仍然有變通的辦法以邊界安全的方式使用std::array和std::vector。代碼可以調(diào)用每個(gè)類的.at()成員函數(shù),它可以拋出std::out_of_range異常。或者,代碼可以調(diào)用at()自由函數(shù),它在邊界違反時(shí)會(huì)觸發(fā)快速失敗(或者自定義的動(dòng)作)。
void f(std::vector& v, std::array a, int i)
{
v[0] = a[0]; // BAD
v.at(0) = a[0]; // OK (alternative 1)
at(v, 0) = a[0]; // OK (alternative 2)
v.at(0) = a[i]; // BAD
v.at(0) = a.at(i); // OK (alternative 1)
v.at(0) = at(a, i); // OK (alternative 2)
} Enforcement(實(shí)施建議)
Issue a diagnostic for any call to a standard-library function that is not bounds-checked. ??? insert link to a list of banned functions
發(fā)行一個(gè)檢查,已確認(rèn)所有對(duì)沒有邊界檢查的標(biāo)注庫(kù)函數(shù)的調(diào)用。???插入禁止函數(shù)列表的鏈接。
This rule is part of the?bounds profile.
本規(guī)格是邊界準(zhǔn)則群組的一部分。
原文鏈接
https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#slcon3-avoid-bounds-errors
新書介紹
《實(shí)戰(zhàn)Python設(shè)計(jì)模式》是作者最近出版的新書,拜托多多關(guān)注!
本書利用Python 的標(biāo)準(zhǔn)GUI 工具包tkinter,通過可執(zhí)行的示例對(duì)23 個(gè)設(shè)計(jì)模式逐個(gè)進(jìn)行說明。這樣一方面可以使讀者了解真實(shí)的軟件開發(fā)工作中每個(gè)設(shè)計(jì)模式的運(yùn)用場(chǎng)景和想要解決的問題;另一方面通過對(duì)這些問題的解決過程進(jìn)行說明,讓讀者明白在編寫代碼時(shí)如何判斷使用設(shè)計(jì)模式的利弊,并合理運(yùn)用設(shè)計(jì)模式。
對(duì)設(shè)計(jì)模式感興趣而且希望隨學(xué)隨用的讀者通過本書可以快速跨越從理解到運(yùn)用的門檻;希望學(xué)習(xí)Python GUI 編程的讀者可以將本書中的示例作為設(shè)計(jì)和開發(fā)的參考;使用Python 語(yǔ)言進(jìn)行圖像分析、數(shù)據(jù)處理工作的讀者可以直接以本書中的示例為基礎(chǔ),迅速構(gòu)建自己的系統(tǒng)架構(gòu)。
覺得本文有幫助?請(qǐng)分享給更多人。
關(guān)注微信公眾號(hào)【面向?qū)ο笏伎肌枯p松學(xué)習(xí)每一天!
面向?qū)ο箝_發(fā),面向?qū)ο笏伎迹?/span>