C++核心準(zhǔn)則?Pro.bounds：邊界安全群組

Pro.bounds: Bounds safety profile

Pro.bounds：邊界安全群組

This profile makes it easier to construct code that operates within the bounds of allocated blocks of memory. It does so by focusing on removing the primary sources of bounds violations: pointer arithmetic and array indexing. One of the core features of this profile is to restrict pointers to only refer to single objects, not arrays.

此規(guī)則群組使構(gòu)建在分配的內(nèi)存塊范圍內(nèi)運(yùn)行的代碼更加容易。它通過專注于消除違背邊界規(guī)則的主要來源來做到這一點(diǎn)：指針?biāo)阈g(shù)和數(shù)組索引。此規(guī)則群組的核心功能之一是將指針限制為僅引用單個(gè)對(duì)象，而不是數(shù)組。

We define bounds-safety to be the property that a program does not use an object to access memory outside of the range that was allocated for it. Bounds safety is intended to be complete only when combined with?Type safety?and?Lifetime safety, which cover other unsafe operations that allow bounds violations.

我們將邊界安全性定義為程序不通過對(duì)象訪問為其分配的范圍之外的內(nèi)存的屬性。僅當(dāng)與類型安全性和生命周期安全性結(jié)合使用時(shí)，邊界安全性才是完整的，后者包含允許違反邊界的其他不安全操作。

Bounds safety profile summary:

邊界安全群組概要：

• Bounds.1: Don't use pointer arithmetic. Use?span?instead:?Pass pointers to single objects (only)?and?Keep pointer arithmetic simple.

  Bound.1：不要使用指針?biāo)惴?。改用span：將指針傳遞給單個(gè)對(duì)象（僅），并使指針的運(yùn)算保持簡(jiǎn)單。
  

• Bounds.2: Only index into arrays using constant expressions:?Pass pointers to single objects (only)?and?Keep pointer arithmetic simple.

  Bounds.2：僅使用常量表達(dá)式對(duì)數(shù)組進(jìn)行索引：（僅）將指針傳遞給單個(gè)對(duì)象，并使指針的運(yùn)算保持簡(jiǎn)單。
  

• Bounds.3: No array-to-pointer decay:?Pass pointers to single objects (only)?and?Keep pointer arithmetic simple.

  Bounds.3：沒有數(shù)組到指針的退化：將指針傳遞給單個(gè)對(duì)象（僅），并使指針的運(yùn)算保持簡(jiǎn)單。
  

• Bounds.4: Don't use standard-library functions and types that are not bounds-checked:?Use the standard library in a type-safe manner.

  Bounds.4：不要使用未經(jīng)邊界檢查的標(biāo)準(zhǔn)庫函數(shù)和類型：以類型安全的方式使用標(biāo)準(zhǔn)庫。
  

Impact（影響）

Bounds safety implies that access to an object - notably arrays - does not access beyond the object's memory allocation. This eliminates a large class of insidious and hard-to-find errors, including the (in)famous "buffer overflow" errors. This closes security loopholes as well as a prominent source of memory corruption (when writing out of bounds). Even if an out-of-bounds access is "just a read", it can lead to invariant violations (when the accessed isn't of the assumed type) and "mysterious values."

邊界安全性意味著對(duì)對(duì)象（尤其是數(shù)組）的訪問不會(huì)超出對(duì)象的內(nèi)存分配范圍。這消除了許多隱患和難以發(fā)現(xiàn)的錯(cuò)誤，包括（著名的）“緩沖區(qū)溢出”錯(cuò)誤。這可以消除安全漏洞以及內(nèi)存損壞的主要根源（超出限制時(shí)）。即使越界訪問只是“讀取”，它也可能導(dǎo)致違反不變量（當(dāng)訪問的類型不是假定的類型時(shí)）和“神秘的價(jià)值”。

原文鏈接

https://github.com/isocpp/CppCoreGuidelines/blob/master/CppCoreGuidelines.md#probounds-bounds-safety-profile

新書介紹

《實(shí)戰(zhàn)Python設(shè)計(jì)模式》是作者最近出版的新書，拜托多多關(guān)注！

本書利用Python 的標(biāo)準(zhǔn)GUI 工具包tkinter，通過可執(zhí)行的示例對(duì)23 個(gè)設(shè)計(jì)模式逐個(gè)進(jìn)行說明。這樣一方面可以使讀者了解真實(shí)的軟件開發(fā)工作中每個(gè)設(shè)計(jì)模式的運(yùn)用場(chǎng)景和想要解決的問題；另一方面通過對(duì)這些問題的解決過程進(jìn)行說明，讓讀者明白在編寫代碼時(shí)如何判斷使用設(shè)計(jì)模式的利弊，并合理運(yùn)用設(shè)計(jì)模式。

對(duì)設(shè)計(jì)模式感興趣而且希望隨學(xué)隨用的讀者通過本書可以快速跨越從理解到運(yùn)用的門檻；希望學(xué)習(xí)Python GUI 編程的讀者可以將本書中的示例作為設(shè)計(jì)和開發(fā)的參考；使用Python 語言進(jìn)行圖像分析、數(shù)據(jù)處理工作的讀者可以直接以本書中的示例為基礎(chǔ)，迅速構(gòu)建自己的系統(tǒng)架構(gòu)。

---

覺得本文有幫助？請(qǐng)分享給更多人。

關(guān)注微信公眾號(hào)【面向?qū)ο笏伎肌枯p松學(xué)習(xí)每一天！

面向?qū)ο箝_發(fā)，面向?qū)ο笏伎迹?/span>