Warning C26481

Don't use pointer arithmetic. Use span instead (bounds.1).


This check supports the C++ Core Guidelines rule I.13: Do not pass an array as a single pointer. Whenever raw pointers are used in arithmetic operations they should be replaced with safer kinds of buffers, such as span<T> or vector<T>.

This check is more restrictive than I.13: it doesn't skip zstring or czstring types.

C26481 and C26485 come from the Bounds Safety Profile rules. These rules were implemented in the first release of the C++ Core Guidelines Checker. They're applicable to the raw pointers category since they help to avoid unsafe use of raw pointers.


This sample results in a warning for pointer arithmetic.

// c26481_bad.cpp
// compile using:
// set Esp.Extensions=CppCoreCheck.dll
// cl /W3 /EHsc /permissive- /analyze /analyze:plugin EspXEngine.dll /analyze:ruleset "%VSINSTALLDIR%\Team Tools\Static Analysis Tools\Rule Sets\CppCoreCheckBoundsRules.ruleset" c26481_bad.cpp

int main() noexcept
    int * from_array = new int(10);
    int * later_array = from_array + 1;