Boost logo

Boost :

From: Andrey Semashev (andrey.semashev_at_[hidden])
Date: 2019-12-05 08:59:11


On 2019-12-05 11:15, Alexander Grund via Boost wrote:
>
>> ```
>> void fixed_string<N>::resize(size_type s)
>> {
>>    BOOST_FIXED_STRING_PRECONDITION(s <= this->capacity());
>>    // then do the job
>> }
>> ```
>
> +1 on that. I'm always advocating for safe-by-default and found it a
> huge mistake to make operator[] the unchecked one instead of at()
>
> So using BOOST_FIXED_STRING_PRECONDITION which throws by default is the
> right choice IMO.

I'm strongly opposed. Make it a BOOST_ASSERT if you like but no checks
in release mode, please.

What's the point of this check when your index is guaranteed to not
exceed size()-1?

In my whole programming practice, not once did I need at(). Not only
because I didn't need the check at this point, but also because even if
I did need a check at some point before operator[] call, I also was not
satisfied with the exception at() would throw.


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk