SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 17

changes.mady.by.user David Svoboda

Saved on

compared with

New Version 18

changes.mady.by.user Aaron Ballman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Clarified the second NCCE/CS pair behavior; removed spurious space in code example

...

In this noncompliant code example, a custom container class uses an allocator object to obtain storage for arbitrary element types, but it . While the CopyElements() function is presumed to call copy constructors for elements being moved into the newly-allocated storage, this example fails to explicitly call object constructorsthe default constructor for any additional elements being reserved. If such an element that has been reserved is accessed through the operator[]() function, it results in undefined behavior, depending on the type T.

Code Block
bgColor#FFcccc
langcpp
#include <memory>

template <typename T, typename Alloc = std::allocator<T> >allocator<T>>
class Container {
  T *UnderlyingStorage;
  size_t NumElements;
  
  void CopyElements(T *From, T *To, size_t Count);
  
public:
  void reserve(size_t Count) {
    if (Count > NumElements) {
      Alloc A;
      T *P = A.allocate(Count); // Throws on failure
      try {
        CopyElements(UnderlyingStorage, P, NumElements);
      } catch (...) {
        A.deallocate(P, Count);
        throw;
      }
      UnderlyingStorage = P;
    }
    NumElements = Count;
  }
  
  T &operator[](size_t Idx) { return UnderlyingStorage[Idx]; }
  const T &operator[](size_t Idx) const { return UnderlyingStorage[Idx]; }
};

...

In this compliant solution, the newly allocated memory is all elements are properly initialized by explicitly calling object copy or default constructors for T:

Code Block
bgColor#ccccff
langcpp
#include <memory>

template <typename T, typename Alloc = std::allocator<T>>
class Container {
  T *UnderlyingStorage;
  size_t NumElements;
  
  void CopyElements(T *From, T *To, size_t Count);
  
public:
  void reserve(size_t Count) {
    if (Count > NumElements) {
      Alloc A;
      T *P = A.allocate(Count); // Throws on failure
      try {
        CopyElements(UnderlyingStorage, P, NumElements);
        for (size_t i = NumElements; i < Count; ++i) {
          A.construct(&P[i]);
        }
      } catch (...) {
        A.deallocate(P, Count);
        throw;
      }
      UnderlyingStorage = P;
    }
    NumElements = Count;
  }
  
  T &operator[](size_t Idx) { return UnderlyingStorage[Idx]; }
  const T &operator[](size_t Idx) const { return UnderlyingStorage[Idx]; }
};

...