|
Boost : |
From: Andrzej Krzemienski (akrzemi1_at_[hidden])
Date: 2019-12-05 08:38:43
czw., 5 gru 2019 o 09:15 Alexander Grund via Boost <boost_at_[hidden]>
napisaÅ(a):
>
> > ```
> > void fixed_string<N>::resize(size_type s)
> > {
> > BOOST_FIXED_STRING_PRECONDITION(s <= this->capacity());
> > // then do the job
> > }
> > ```
>
> +1 on that. I'm always advocating for safe-by-default and found it a
> huge mistake to make operator[] the unchecked one instead of at()
>
> So using BOOST_FIXED_STRING_PRECONDITION which throws by default is the
> right choice IMO.
>
However, in order for this to be implemented in `fixed_string`, the library
authors would have to make (and document) a design decision that contract
for using this library is that users write the code so that resizing never
exceeds capacity, and if such condition is nonetheless ever detected it is
treated as programmer bug.
But my impression is that the library has taken a different route: it is
absolutely fine to resize over capacity, and in this case the program will
simply jump to a different place in the execution flow (throwing an
exception does this), and user deliberately triggers this event because she
wants to get to this specific place in program execution.
But the library never documented which design was chosen, so I do not even
know if it makes sense to suggest BOOST_FIXED_STRING_PRECONDITION().
Regards,
&rzej;
>
>
> _______________________________________________
> Unsubscribe & other changes:
> http://lists.boost.org/mailman/listinfo.cgi/boost
>
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk