Add assertions for range bounds validity

commit_hash:4417c6200b3fc4e3e6e61648412d263366935fdf

util/generic/array_ref.h

@@ -1,5 +1,6 @@
 #pragma once
 
+#include <util/generic/iterator.h>
 #include <util/generic/yexception.h>
 
 #include <algorithm>
@@ -49,7 +50,7 @@ public:
 
     constexpr inline TArrayRef(T* begin Y_LIFETIME_BOUND, T* end Y_LIFETIME_BOUND) noexcept
         : T_(begin)
-        , S_(end - begin)
+        , S_(NonNegativeDistance(begin, end))
     {
     }
 

util/generic/buffer.h

@@ -1,5 +1,6 @@
 #pragma once
 
+#include "iterator.h"
 #include "utility.h"
 
 #include <util/generic/fwd.h>
@@ -57,7 +58,7 @@ public:
     }
 
     inline void Assign(const char* b, const char* e) {
-        Assign(b, e - b);
+        Assign(b, NonNegativeDistance(b, e));
     }
 
     inline char* Data() noexcept {
@@ -96,7 +97,7 @@ public:
     void Append(const char* buf, size_t len);
 
     inline void Append(const char* b, const char* e) {
-        Append(b, e - b);
+        Append(b, NonNegativeDistance(b, e));
     }
 
     inline void Append(char ch) {

util/generic/iterator.h

@@ -1,5 +1,7 @@
 #pragma once
 
+#include <util/system/yassert.h>
+
 #include <iterator>
 #include <utility>
 
@@ -137,3 +139,9 @@ template <class TIterator>
 auto ToForwardIterator(TIterator iter) {
     return std::next(iter).base();
 }
+
+template <class T>
+constexpr inline size_t NonNegativeDistance(T* b, T* e) noexcept {
+    Y_ASSERT(e >= b);
+    return e - b;
+}

util/generic/strbuf.h

@@ -1,6 +1,7 @@
 #pragma once
 
 #include "fwd.h"
+#include "iterator.h"
 #include "strbase.h"
 #include "utility.h"
 #include "typetraits.h"
@@ -116,7 +117,11 @@ public:
     }
 
     constexpr inline TBasicStringBuf(const TCharType* beg Y_LIFETIME_BOUND, const TCharType* end Y_LIFETIME_BOUND) noexcept
-        : TStringView(beg, end - beg)
+#if __cplusplus >= 202002L && __cpp_lib_string_view >= 201803L && !defined(_LIBCPP_HAS_NO_CONCEPTS)
+        : TStringView(beg, end)
+#else
+        : TStringView(beg, NonNegativeDistance(beg, end))
+#endif
     {
     }
 

util/generic/string.h

@@ -11,6 +11,7 @@
 #include <util/system/compiler.h>
 #include <util/system/yassert.h>
 
+#include "iterator.h"
 #include "ptr.h"
 #include "utility.h"
 #include "explicit_type.h"
@@ -519,7 +520,7 @@ public:
     }
 
     TBasicString(const TCharType* b, const TCharType* e)
-        : TBasicString(b, e - b)
+        : TBasicString(b, NonNegativeDistance(b, e))
     {
     }
 
@@ -656,7 +657,7 @@ public:
     }
 
     TBasicString& assign(const TCharType* first, const TCharType* last) Y_LIFETIME_BOUND {
-        return assign(first, last - first);
+        return assign(first, NonNegativeDistance(first, last));
     }
 
     TBasicString& assign(const TCharType* pc, size_t pos, size_t n) Y_LIFETIME_BOUND {