Warning C26481
Don't use pointer arithmetic. Use span instead (bounds.1).
Remarks
This check supports the C++ Core Guidelines rule I.13: Do not pass an array as a single pointer. Whenever raw pointers are used in arithmetic operations they should be replaced with safer kinds of buffers, such as span<T> or vector<T>.
This check is more restrictive than I.13: it doesn't skip zstring or czstring types.
C26481 and C26485 come from the Bounds Safety Profile rules. These rules were implemented in the first release of the C++ Core Guidelines Checker. They're applicable to the raw pointers category since they help to avoid unsafe use of raw pointers.
Example
This sample results in a warning for pointer arithmetic.
// c26481_bad.cpp
// compile using:
// set Esp.Extensions=CppCoreCheck.dll
// cl /W3 /EHsc /permissive- /analyze /analyze:plugin EspXEngine.dll /analyze:ruleset "%VSINSTALLDIR%\Team Tools\Static Analysis Tools\Rule Sets\CppCoreCheckBoundsRules.ruleset" c26481_bad.cpp
int main() noexcept
{
int * from_array = new int(10);
int * later_array = from_array + 1;
delete[](from_array);
}
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for