Improve StreamReader/Writer static checks #135
Comments
Merged
|
Saw this article about This could be used to ensure a zero-cost runtime check when This could be used to wrap the existing runtime checks, such that they are only present in the compiled code if some if constexpr(compileTimeSizeTypeRangeCheck) {
if (existingRuntimeOverflowCheck) {
throw std::runtime_error("Overflow ...");
}
}Here's some additional update info detailing |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We can improve the static checks for the StreamReader and StreamWriter template methods. In particular, the length prefixed data types can use some bounds checking on the length. The checks depend on Read/Write, as well as the relative data sizes between the chosen type and
std::size_t.For reading:
With signed length values, negative values should result in an exception.
For positive values (either signed or unsigned types), exceeding the bounds of a
std::size_tshould result in an exception.For writing:
No bounds checking is needed for negative values, as an object can never have negative size.
If the size of the object (bounded by the range of
std::size_t) exceeds the range of the chosen length type, an exception should be raised.Depending on the type parameter, either case may be impossible. It is desirable to not incur any runtime cost for these checks when the condition is impossible. For instance, a
uint32_tcan never be negative, and can never overflow the bounds of astd::size_t.It may be possible to implement this with template specialization using some combination of the following methods:
From
<type_traits>:std::integral_constantstd::is_signedstd::is_unsignedFrom
<numeric_limits>:std::numeric_limits::is_integerstd::numeric_limits::is_signedThe text was updated successfully, but these errors were encountered: