From 5d2c09aa4801b38f2b5342d07dad743004346a08 Mon Sep 17 00:00:00 2001 From: hsutter Date: Thu, 7 Mar 2019 12:00:41 -0800 Subject: [PATCH] Closes #1355 --- CppCoreGuidelines.md | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/CppCoreGuidelines.md b/CppCoreGuidelines.md index c2036c6..6fc29d5 100644 --- a/CppCoreGuidelines.md +++ b/CppCoreGuidelines.md @@ -8938,7 +8938,7 @@ Here, we ignore such cases. * [R.11: Avoid calling `new` and `delete` explicitly](#Rr-newdelete) * [R.12: Immediately give the result of an explicit resource allocation to a manager object](#Rr-immediate-alloc) * [R.13: Perform at most one explicit resource allocation in a single expression statement](#Rr-single-alloc) - * [R.14: ??? array vs. pointer parameter](#Rr-ap) + * [R.14: Avoid `[]` parameters, prefer `span`](#Rr-ap) * [R.15: Always overload matched allocation/deallocation pairs](#Rr-pair) * Smart pointer rule summary: @@ -9379,21 +9379,24 @@ Write your own factory wrapper if there is not one already. * Flag expressions with multiple explicit resource allocations (problem: how many direct resource allocations can we recognize?) -### R.14: ??? array vs. pointer parameter +### R.14: Avoid `[]` parameters, prefer `span` ##### Reason An array decays to a pointer, thereby losing its size, opening the opportunity for range errors. +Use `span` to preserve size information. ##### Example - ??? what do we recommend: f(int*[]) or f(int**) ??? + void f(int[]); // not recommended + + void f(int*); // not recommended for multiple objects (a pointer should point to a single object, do not subscript) -**Alternative**: Use `span` to preserve size information. + void f(gsl::span); // good, recommended ##### Enforcement -Flag `[]` parameters. +Flag `[]` parameters. Use `span` instead. ### R.15: Always overload matched allocation/deallocation pairs