Saturday, June 6, 2020

Free C++ tools

I love programming in C++.  I have done some professionally for over 20 years now.  Even though C++ no longer has as much market share as it once did, now is the best time to learn C++ thanks to the availability of free and useful C++ tools.  There are so many free and useful utilities that learning and effectively coding in C++ is easier than ever.  Below is a list of my favorite free C++ utilities.

Visual Studio has long been one of the best development IDEs, but what's amazing is how many improvements Microsoft is making.  They are not content to rest on their laurels.  VS2017/2019 are truly awesome platforms for development.  And with the introduction of the Community edition, the bulk of the features are available for free to everyone.  Microsoft has offered a free version of Visual Studio going to the Express edition of the early 2000s, but that version was so crippled it was of little use.  Community is so full-featured that only the most demanding of users would need to upgrade.  Microsoft is even expanding VS beyond Windows and branching into Linux and MacOS.

CppCheck is a free static code analyzer, meaning it inspects your code files looking for common mistakes.  CppCheck is surprisingly good at what it does.  If you run it against your code for the first time, you might be surprised at the problems and suggested improvements it finds.

Clang with the Clang Power Tools extension
Although I firmly believe that Microsoft's compiler is the best option for Windows, the Clang team is making significant improvements to their compiler.  That said, Clang does have at least one cool feature - ClangTidy.  Tidy is similar to CppCheck in that it analyzes your code looking for issues.  Unfortunately, Clang has no UI so it is not easy to use.  That's where the Clang Power Tools extension comes it.  It wraps the features of Clang in an ease to use UI integrated into Visual Studio.

VerySleepy
VerySleepy is a code profiler meaning you can analyze your code looking for performance bottlenecks.  I should point out that VS2017/2019 Community comes with a built-in profiler that is easy to use.  I would recommend Microsoft's profiler included with Visual Studio.  But if for any reason you can't use the Microsoft profiler, check out VerySleepy.

I'll end this list with the latest tool I've discovered.  OpenCppCoverage is a code coverage tool, meaning when you run it the tool checks which lines of code actually executed and which did not.  This is useful when testing your code, it helps you to find code that has gone untested, which means the potential for bugs is higher.  Visual Studio does have built-in code coverage, but only for higher paying customers.  The free Community edition does not offer this feature.  Fortunately this program and corresponding Visual Studio extension do a great job.

Monday, November 18, 2019

C++ virtual destructors, a modern take

Several years ago I created a post where I looked at virtual destructors in C++.  In that post I argued that all C++ classes should have virtual destructors, unless you specifically knew what you were doing and understood the risks.  I originally wrote that before I learned the many benefits of "modem" C++ (aka C++11 and newer).  Modern C++ introduces a few new changes that really improve the language, including changes to virtual methods and class inheritance.  So I would like to revise my suggestions for class designs in C++.

First, and most importantly, it is still a bug to derive from a class that does not have a virtual destructor.  As a developer it is your job to ensure you do not derive from a class with a non-virtual destructor.  At the same time, you should not write a class without a virtual destructor that allows someone else to derive from you.  But the great news is, modern C++ has a solution to both of these problems.


Deriving from a base class without a virtual destructor:
C++ has a new keyword called "override" that tells the compiler to generate an error if the virtual function you have created does not match a virtual function in a higher class.  For example:

class CDerived : public CBase
{
public:
    CDerived();
    virtual ~CDerived() override;
};

In this example "CBase" is the base class.  If CBase has a virtual destructor then this code will compile.  But if CBase does not have a virtual destructor this code will not compile!

The keyword "override" is one of the best new features of modern C++.  Any virtual function should be marked with "override" except the virtual functions in the base class which by definition cannot derive from something else since they are in the base class.


Creating a class 
If you create a class without a virtual destructor, that's fine but someone else might derive from your class without your knowledge or permission.  This would be a bug.  If only there was a way to prevent this from happening.  Good news, in modern C++ there is a way.  Use the keyword "final" to indicate that no class may derive from you.  For example:

class CWidget final
{
public:
    CDerived();
    ~CDerived();
};

In this example I can get away without a virtual destructor because no one could ever derive from my class thanks to the "final" keyword.



Given these new keywords, I would modify my original guidelines as follows.

1.  If you derive from another class, always use "override."
2.  If you create a new class, always use a virtual destructor unless both A) your class does not derive from another class and B) your class is marked with "final."  In this situation, none of your class methods should be marked as virtual.



A few interesting side notes.  First, "override" now supersedes "virtual."  You can use both keywords as I did above, or you can just use "override" which implies "virtual."

A second, more important note, is regarding defaulted destructors.  C++ allows you to omit the destructor, or you can explicitly declare a destructor but use the "default" keyword to omit the destructors definition.  In both cases, the compiler will by default generate a non-virtual destructor.  If you want/need a virtual destructor, write the code yourself (using override) or declare as follows:

virtual ~CWidget() = default;

Related to this last point, the following code is a bug:

class CBase
{
public:
    CBase();
    virtual ~CBase();
};


class CDerived : public CBase

{
public:
    CDerived();
};

Yes the base class has a virtual destructor, and you omitted the destructor so the compiler will generate one for you.  But the generated destructor will not be virtual thus leading to bugs.  To fix this add:

    virtual ~CDerived() override = default;

Wednesday, June 6, 2018

Synology wireless router update

About 1 year ago I posted a review of the Synology RT1900AC wireless router.  To sum up, it's a good router but I have had multiple issues with it over the years.

Most of the issues were Synology working out the kinks in the router.  Anyone today who buys the RT1900AC or its bigger brother the RT2600AC would no longer experience these issues.

However, the biggest and most annoying problem I experienced was the router not connecting to the Internet.  If the connection was broken for whatever reason (like a power outage), only about 50% of the time would it reconnect.  If it failed to reconnect, the problem could only be fixed by rebooting the router, often multiple times.

Well I have good news.  I think Synology has finally fixed this issue in one of their regular router updates.  Shortly after my initial review the problem went away.  It has been almost a year now and my router has not had an issue reconnecting to the Internet.  I know 2 other people with Synology routers and they have not experienced connection issues either.  This is great news.  I can now wholeheartedly recommend either of the Synology routers to anyone looking for a better wireless router.


In other good news.  Anyone who follows technology may remember back in October of 2017 they announced KRACK, a vulnerability that affected all hardware and software that used the WPA2 protocol; including Windows, MacOS, Linux, Android, wireless routers, etc.  Synology pushed a fix for KRACK one day after the announcement.  The only company I am aware that released a fix earlier was Microsoft which had secretly pushed a fix a few weeks earlier.  But Synology got the fix out to their customers faster than most major companies include Google and Apple.  Way to go Synology.  Oh, and many Linksys and Netgear routers were never patched, so they are still vulnerable.

Monday, October 9, 2017

Upgrade to Windows 10 for free!

Good news for anyone wishing to upgrade to Windows 10 for free.  When Windows 10 was first released Microsoft offered a free upgrade for all existing Windows owners.  This upgrade was convenient in that it was offered through Windows Update, so upgrade was relatively quick and painless.  Just walk away from your computer for an hour or so and come back to find Windows 10 installed with all your data and programs still on there.

However, this free upgrade offer was a limited time only, and that offer is no longer an option.  But I have good news, anyone with a valid activated copy of Windows can still upgrade Windows 10 for free.  The key is you cannot do an in-place upgrade but instead you must perform a fresh install.  This is actually my preferred way to upgrade to a new operating system.  Here's how you do it:

1.  You need your existing Windows license key.  This license key might be printed on a sticker attached to your computer.  If not, the easiest way to get your product key is to download and run the utility ProduKey.

2.  You need to obtain the Windows 10 installation files (ISO image).  If you Google for it you can find the download and media creation links direct from Microsoft.  Be aware, you cannot upgrade to any version of Windows 10, but you need to keep it in the same edition.  So if you currently have Windows 7 Home Premium you can install Windows 10 Home.  If you have Windows 7 Professional you can install Windows 10 Professional.

3.  Make a complete backup of your current system.  Again, this is a fresh install that will erase all your data, so don't forget to back up first!

4.  Install Windows 10 onto your computer, be sure to erase the existing copy of Windows and install a fresh copy.  If you are prompted for a license key, enter your existing Windows license key.  Many newer computers the license key is saved on the motherboard itself - if so, Windows will automatically detect this license key and use it without prompting you.

5.  After installation, verify Windows 10 is activated with a "digital license."

6.  Reinstall the programs you use and restore your data from the backup.

7.  After installation, follow these suggestions to configure Windows 10 so that it's usable.


I have used this technique twice to upgrade older Windows 7 systems to Windows 10.  I have not tried Windows 8.x, but I assume it works there as well.  However, older Windows XP and Vista license keys may not work since they are technically out of service.  Also, I cannot guarantee this technique will always work.  Microsoft could stop this at anytime, so proceed with caution.

Update: I can confirm this technique still works as of June 2018.  I have also learned that it does work with "Retail" license keys but not "MSDN" license keys.  A "retail" license key is one that came with a new PC or a legit copy of Windows purchased separately.  "MSDN" license keys are keys used by developers and IT professionals.  So as long as Windows came preinstalled on your computer this technique should allow you to upgrade to Windows 10.

Friday, July 21, 2017

Synology RT1900AC wireless router review

My review of the Synology RT1900AC wireless router would best be summed up as "the wireless router I so want to recommend, but just can't because of issues."

So first a little background.  Like most people I've had several different wireless routers over the past decade.  My previous two routers (Linksys and Netgear) I replaced them not because they were broken or too slow, but because a security flaw was discovered in the router that would allow someone on the Internet to compromise my network, and the manufacturer refused to release a firmware fixing the problem.  Most router manufacturers only support their hardware for a year or two, after that they want you to buy new hardware - what a waste and what a shame.

Now Synology is a company I've used for years, they are most well known for their excellent NAS (Network Attached Storage devices).  I have had a Synology NAS for many years and what I love about them is their support.  They release regular updates for their hardware, and they support their older hardware far longer than most companies would.

So in 2015 when Synology announced they were going to release a wireless router I was very excited!  Finally a company that would support their wireless router long term.  When the Synology RT1900AC was finally released in North America in early 2016 I was a very early adopter, purchasing my unit within 1 week of release.

Unfortunately I've had a number of issues since then and had to contact their tech support on multiple different occasions.  Here's a summary of the issues I've had:

  1. I have a Raspberry Pi connected using wireless, but from time to time the connection would drop out.  The Raspberry Pi was connected using a very common "nano" wireless adapter.  After many emails with tech support on this I found a solution.  If I replaced the wireless adapter with a different one with a larger antenna, the connection issues went away.  What's frustrating about this problem, the Raspberry Pi was only about 2 feet from the RT1900AC, it should have had a strong signal.  Also, the same nano wireless adapter with my previous Netgear wireless router had no issues.  So something about the combination of this nano adapter and the RT1900AC did not work well.
  2. When connecting to my home network remotely using VPN, I could originally access machines in my network but not the RT1900AC's management interface itself.  Tech support helped me get correct firewall rules in place to allow access to the RT1900AC.
  3. When changing the firewall rules to allow access to the RT1900AC, it removed access to other machines in my network.  Neither tech support nor I was unable to find the problem, and I just gave up on VPN for about a year.  I did eventually get it working, continue reading for those details.
  4. A few months ago Synology phased our support for their old VPN server package and replaced it with a new package called "VPN Server Plus."  Since the old VPN wasn't working for me, I ditched that and installed the new one.  When I went to enable OpenVPN it gave me this weird error about installing a certificate.  Tech support had never seen that error before and had no idea what to do.  I tried a factory reset and that fixed the OpenVPN certificate error.  Now using the new VPN server I'm finally able to access both local machines in my network and the RT1900AC itself.
  5. Far and away the biggest issue I've had is not reconnecting to the Internet.  This happened to me the very first day I got the router and continues to happen to this day.  In short, if I reboot my router, there's a power outage, or my ISP drops my connection for some reason when the RT1900AC comes back up only 50% of the time will it reconnect to the Internet.  The rest of the time it won't connect, no matter how long I wait.  The router can be up for days in this unconnected state, it will never reconnect.  The only solution I've found is to reboot the router repeatedly under it does reconnent.  Sometimes I have to reboot the cable modem as well.  I've had it happen before where Internet drops and I literally reboot my router over and over for 2 hours before it finally reconnects.  Now I know this issue is Synology's, I have worked on enough networks to be able to diagnose this.  Working with tech support I rebooted my router a dozen times, and I think it reconnected 5 times and failed to connect 7 times (they analyzed logs from these attempts).  I then connected my Windows 7 computer directly to the cable modem and rebooted a dozen times.  Windows connected to the Internet all 12 times.  I've tried a factory reset, no change.  I've updated to every firmware as they release them, no change.  I purchased a new cable modem, no change.  Now I have a family member in other city with a RT1900AC and they have the exact same problem.  Synology even mailed me a replacement unit at their cost for me to try.  That unit experienced the same problem.  They have tried to diagnose this problem but cannot figure it out.  In the mean time I know of at least 2 people with this same behavior.  It's very frustrating, no one wants a wireless router that won't connect to the Internet.  What good is that?



Even though I've had issues with this router,  it's still a good router.  In fact, I would go as far to say it's better than most wireless routers.  But it's far from perfect and it definitely has not lived up to my very high expectations.  Many of the problems I've faced were fixed in software updates over the months.  But that network connection issue, if they could fix that I would wholeheartedly suggest anyone and everyone should buy this router.

I've spent most of this post talking about the problems.  But I did want to mention the good things about this router.
  • Regular software updates.  Synology publishes updates about once a month.
  • The web management UI is far and away the best web management UI.  Way better and more responsive than anything from Netgear, Linksys, etc.  I'm pretty sure they also have a phone management app, but I have not tried that.
  • The router can support multiple Internet connections (e.g. both a DSL modem and a cable modem) and can operate them in either load-balancing or failover modes.
  • Built-in support for 20 different DDNS providers, including Synology's own which works great!
  • Can connect to the Internet via mobile 3G/4G with additional hardware.
  • Very good parental controls/filtering as well as QoS and wifi priority.
  • Tons of services like VPN, SSH, FTP, SFTP, SMB, etc.
  • USB and SD card slots can function as lightweight NAS for your network.
  • VPN server and VPN client with support for common providers such as OpenVPN, SSTP, L2TP, and PPTP.
  • Additional packages such as media server to host media files for other devices on your network.

To sum up the RT1900AC router is a good piece of hardware that still has some bugs, and hopefully Synology is able to work out those bugs.  If you're a network power user and don't mind a little extra work, give it serious consideration.  If you're a regular user you might want to steer clear as you could be overwhelmed if you run into issues as I have.

Wednesday, May 31, 2017

How to make Windows 10 usable

[Updated 12/31/2018]

Recently I upgraded my computer to Windows 10.  Microsoft, for whatever reason, with every release of Windows completely changes things.  For no good reason they move stuff around and change things that weren't broken.  So here is a guide on how to make Windows 10 more like Windows 7, which makes Windows 10 usable.

  • When installing Windows 10, if you have the choice select Windows 10 Enterprise.  Enterprise is nice because it does not come pre-loaded with all the Windows Store Apps that Home and Professional do.  So out of the box it's closer to Windows 7.
  • Download and install Open-Shell (formerly known as Classic Shell).  Windows 10 does include a "start menu" which was removed in Windows 8, but it's no where near as good as the start menu in Windows 7.  Open-Shell restores that start menu in all its glory.  In fact, Open-Shell is even better than the Windows 7 start menu and works on Windows 7 too!  Spend a few minutes exploring all the settings in Open-Shell, you can customize it exactly how you want it.
  • Download and run OldNewExplorer.  This extension fixes Windows File Explorer to the look and feel more like Windows 7.  When you run OldNewExplorer, click "Install" and then select the options you want.  Here are my settings:


  • Download and install Explorer++.  Even though OldNewExplorer fixes much of the Windows File Explorer, it's still not as good as the Windows File Explorer in older versions of Windows.  That's where Explorer++ comes in.  This open-source program is a very good file manager.
  • Download and install FileLocator Lite.  This program is free for personal use and it's a very good Windows file search program.  The file search in Windows 7/10 is horrible compared to Windows XP.  FileLocator Lite restores that Windows XP style search.
  • Download and install Process Hacker.  Although Task Manager in Windows 10 isn't that bad, they did still change it from Windows 7 and I preferred the simple process view.  Process Hacker is a great open source tool that is very configurable.  It even has an option to replace the built-in Task Manager for keyboard and mouse shortcuts.  If neither the Windows 10 Task Manager nor Process Hacker work for you, give Process Explorer (also from Microsoft) a try.
  • Windows 10, more than any previous version of Windows, sends a lot of data back to Microsoft.  Data like which apps you use, how long you use them, what websites you visit.  It even downloads data from Microsoft such as ads to display in Windows.  A program called ShutUp10 allows you to turn all this off if you want.  You can turn some things off and leave other things on.  I always run this on new Windows 10 machines.  I personally don't turn off all settings, some things like Windows Update I leave enabled.  But ShutUp10 does a great job of explaining each setting and even gives their recommendations as to enabled or disabled.
  • If you want a "pure" desktop environment, remove as many of the Windows Store applications (formerly called Metro-apps) as you can.  This can easily be done using the following PowerShell script.  This script will remove all packages except A) those packages deemed by Microsoft to be required and thus cannot be uninstalled using any technique and B) the "Windows Store" package.  Strangely the Windows Store package is not marked "required" but if you remove this package you cannot install Windows Apps in the future if you want to.  Best to play it safe and leave this one package installed.  Save the following script as "RemoveApps.ps1" then run PowerShell as an administrator.  Then run the script.  If this is the first time you've run a PowerShell script on your system you might get an error.  If so, run this command "Set-ExecutionPolicy RemoteSigned" to allow the script to run.  Note, after you run this script there may still exist some Windows apps in the start menu, annoying things like "Candy Crush."  That's because these apps aren't actually installed, the Windows start menu puts them there as advertisements.  If you click on them the app is downloaded and installed.  You can right click and uninstall these annoying advertised apps.
# RemoveApps.ps1
$storepkg = (Get-AppxPackage Microsoft.WindowsStore).PackageFullName

$pkgs = (Get-AppxPackage *).PackageFullName
foreach($pkg in $pkgs)
{
    if($pkg -ne $storepkg)
    {
        Remove-AppxPackage $pkg
    }
}

$pkgs = (Get-AppxPackage -AllUsers *).PackageFullName
foreach($pkg in $pkgs)
{
    if($pkg -ne $storepkg)
    {
        Remove-AppxPackage -AllUsers $pkg
    }
}

  • Right click on the start menu and remove Task View and Windows Store.
  • Right click on the start menu and select Search | Hidden to hide the Cortana search bar.
  • Select Settings | Personalization | Colors | and enable Show Color on Title Bar.  This adds color back to the application caption bar instead of the default plain white bar.
  • Inactive windows in the background still have a white title bar.  Adding color to this helps it to stand out as a background windows.  Open regedit and browse to HKCU\SOFTWARE\Microsoft\Windows\DWM.  Create or edit the DWORD value AccentColorInactive.  Set it to the hex value for the color you want, e.g. 00c0c0c0 for 192 192 192 (light gray).
  • Add my computer and network links to the desktop by selecting Settings | Personalization | Themes | Desktop Icon Settings and enable Computer and Network.
  • Disable that annoying lock screen which forces you to "swipe" to login (which is annoying for keyboard and mouse).  Open the registry editor and ensure the following key and value exists:  Key: HKLM\SOFTWARE\Policies\Microsoft\Windows\Personalization  Value: "NoLockScreen"  Type: DWORD, set to 1.  Update:  I have noticed not all versions of Windows 10 will honor this registry key, in particular Windows 10 Home and especially newer updates.  But after much trying I got this to work, even on Windows 10 Home Creators Update.  In addition to this registry key, you need to make a Group Policy change.  The trick is, Windows 10 Home does not include the Group Policy Editor, so you need to install that.  This website has a batch file you can download and run that installs the Group Policy Editor.  Then run gpedit.msc and browse to Computer Configuration | Administrative Templates | Control Panel | Personalization.  Find "do not display the lock screen" and change it to "enabled."  If you try and that and it still doesn't work, here's one final thing to check.  Browse to (or create if missing) the following registry key: HKLM\Microsoft\Windows\CurrentVersion\SystemProtectedUserData\<SID>\AnyoneRead\LockScreen.  There should be a DWORD registry value "HideLogonBackgroundImage" and set to 1.  Note, this last registry key is a system-protected registry key, you'll need to take ownership of the registry key in order to change the value.
  • If you try and copy files to/from your Windows 10 machine using the admin shares, you might get access denied even when you enter valid credentials.  To fix this, open the registry key HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System then create a DWORD value "LocalAccountTokenFilterPolicy" and set it to 1.

These steps make Windows 10 very usable.  In fact, with these changes I think Windows 10 is better than Windows 7.  But without these changes Windows 10 is hard to use and navigate.

Thursday, August 25, 2016

C++ Programming Tips

For 2 decades now I have been a professional C++ developer.  Along the way I have learned a lot about programming in C++.  I've made a lot of mistakes and learned from them.  There are thousands of other C++ developers out there of all skill levels who could benefit from this knowledge.  So below is a list of tips I've learned that will help you to write better C++ code.  For each tip I include a brief explanation why that tip is worth remembering and using.


Consistent Coding Style
Every developer has their own coding style.  I'm not going to tell you to use one style over another.  But it is important that you are consistent in your coding style.

Reasoning:  If you are consistent in your coding style it makes things like global searches more effective.


Virtual Destructors
Always make your class destructors virtual.

Reasoning:  Without virtual destructors you can introduce bugs and memory leaks.  I wrote an entire post on this topic alone.  There is one exception.  If your class has no other virtual functions, and if your class does not derive from a base class, and if you mark your class "final" then you can safely omit the virtual destructor.


Const Function Parameters
Whenever possible, function parameters should be made "const."  If a given parameter is not modified by the function, then the parameter should be marked const.

Reasoning:  It's great self-documenting code.  Just by looking at a function declaration you can tell if a parameter will be modified.  It also can help you catch bugs in your code because the compiler may warn you if you accidentally try to violate the const variable.


Const Member Functions
Whenever possible, class member functions should be marked "const."  If a given function does not modify a class member variable or call another non-const member function, then the function should be marked const.

Reasoning:  It's great self-documenting code.  Just by looking at a function declaration you can tell if the class object will be modified.  It also can help you catch bugs in your code because the compiler may warn you if you accidentally try to violate the const function.


Static Member Functions
If a class member function does not modify a class member variable nor call a non-static member function, then that function should be marked as "static."

Reasoning:  Again, it's great self-documenting code, and it can help you catch bugs in your code because the compiler may warn you if you accidentally try to violate the static function.


No Classes without Member Variables
If you have a class that has no member variables, instead turn that class into either standalone functions or use a namespace to group the functions.

Reasoning:  A class with no member variables is not an object at all.  By using a class you are wasting a small amount of runtime memory because of things like the "this" pointer.


Properly Size Integers and Floats
When declaring a new integer or (to a lesser degree) a float, consider the range of possible values for that integer and choose accordingly.  For example, if the variable will store a person's age then all you need is an 8-bit integer, don't just type "int" and be done with it.

Reasoning:  Choosing properly sized variables will help to minimize memory usage during runtime.


Use Signed and Unsigned Integers Appropriately
Most developers seem to use signed integers when an unsigned integer is what they really should have used.  For example, a variable to hold a percentage should be an unsigned 8-bit integer since the valid range is 0 - 100.

Reasoning:  If you properly use signed and unsigned variables, the compiler will usually generate warnings if you try and improper operation.  This helps to prevent bugs in your code.


Use Pre-operators Instead of Post-Operators
Whenever possible use pre-increment (++itr) and pre-decrement (--itr) instead of post-increment (itr++) and post-decrement (itr--).

Reasoning:  It turns out that pre-operators are faster than post-operators if the object in question is a class.  For simple data types like integers there is no difference.  The reason pre is faster than post is because post must make a copy of the original object before performing the operation, but pre does not need to make a copy of the object.


Avoid Large Array Variables
Do not declare large array variables, for example:  char buffer[8192].  Instead large arrays like this should be allocated using malloc/new.

Reasoning:  All function variables, include arrays, are allocated against the stack not the heap.  It's well known the dangers of using a recursive function, you might blow the stack.  But large arrays like this could also lead to a stack overflow.  So avoid large arrays and malloc/new them instead.  It's alright to use small arrays in this way.


Use "bool" and "nullptr" instead of "BOOL" and "NULL"
If your compiler supports them, then use the newer data types bool and nullptr.

Reasoning:  By using native types instead of the older #defines the compiler can help you to catch mistakes.  For example, if you accidentally type the following the compiler should give you a warning: bool bResult = (n = 5);  You meant to type "n == 5" but make a common mistake.  Since you used "bool" the compiler should catch this.  But if you used "BOOL" the compiler sees this as valid code.


Don't Compare Against TRUE
Do not test for true like this:  if(func() == TRUE) or this:  if(func() != TRUE)  Instead test like this:  if(func() != FALSE) and this:  if(func() == FALSE)

Reasoning:  "TRUE" is defined to be 1, but a function could return something other than 1 to represent true.  The only way to guarantee a correct comparision is to only test against FALSE.  Of course the best option is to use the newer native type "bool" if it's available.


Use malloc/free Instead of new/delete for Simple Types
If you are allocating memory for native types (ints, floats, chars, enums, or structs containing only these types) then use the older C malloc instead of the newer C++ new.  If you are allocating memory for a class object, or a struct containing one or more class objects, then you must use new.

Reasoning:  Calling malloc is faster than new.  They both allocate memory on the heap, but new then checks for and calls constructors.  This means for simple data types malloc is faster.


Do Not Test for NULL After Calling new
If you allocate memory with new, do not test the result to verify the allocation was successful.  For example:

CMyClass *p = new CMyClass;
if(p)
{
     ...
}

Reasoning:  This test is a complete waste of time and code.  The new operator already tests the allocation.  If the allocation fails then new throws an exception.  So testing the result yourself is redundant and a waste.  Note this is not true of malloc which does not test the result.  So if you use malloc or other similar allocator, be sure to verify the result.


Know When to Test for NULL Before Freeing Resources
Some release/free functions test the input before attempting to deallocate them, others do not.  For example, CloseHandle on Windows does not test the handle against NULL first.  On the other hand, "delete" does test the pointer against NULL.

Reasoning:  Not testing first may result in an application crash if the release function does not check.  If the release function does check and your code also checks, that is wasted CPU cycles.  Learn which functions to check first before calling.


Size Versus Length
When naming things like functions and variables, be aware of the difference between size and length.  Size is the number of bytes an item requires whereas length is the count of or the number of items.  This is really a problem when it comes to strings (character arrays).  With "char" arrays size and length ARE the same, so many developers use "size" and "length" interchangeable.  But with newer Unicode and wide strings size and length are different.  So name functions and variables accordingly.

Reasoning:  Properly named functions and variables reduce the chance of bugs.  Since size and length are not always the same, using the wrong one would be a bug.


Do Not Put Conditional Statements on One Line of Code
Do not simplify your code by condensing things down to one line of code.  For example:

if(p) delete p;

Instead this should be:

if(p)
    delete p;

Reasoning:  When you condense code like this it makes it harder to debug.  When debugging line by line it is harder to tell if the conditional statement succeeded or failed.



Do Not Use "catch(...)"
Never use "catch(...)" in your code!  This form of exception handling catches all exceptions.

Reasoning:  Catching all exceptions prevents your code from ever crashing, which is a good thing right?  Wrong.  In the event of an exception your code continues to execute but it is now running in a "compromised" state.  Memory may be corrupted, variables or registers may be wrong.  So what ends up happening is your program will crash randomly some place else.  These random crashes are impossible to debug postmortem.  It is best to remove "catch(...)" and let the original crash occur.  Then you can debug and fix the original problem.


Do Not Use Exceptions for Flow Control
Do not use exceptions as a simple way of transferring flow to a different part of the code.  For example, if you are deep inside nested loops and it's time to exit, you could throw an exception and catch that exception before leaving that function.  Instead you should exit each loop or even use a goto.

Reasoning:  When it comes time to debug your code often times it's nice to attach the debugger and tell the debug to break on all exceptions (handled or otherwise).  But if you used exceptions for flow control then the debugger will constantly break when no problem has occurred.  Exceptions should be reserved for just that, an exceptional condition has occurred that needs special attention.  Flow control is not "exceptional."


Only Include Required Files in Your Headers
Do not #include a lot of extra things in your header files.  Only include what that file must have.

Reasoning:  First, it reduces compile time as the compiler has to open up and parse fewer files.  Secondly, if that file gets included somewhere else or in another project, it prevents you from having to pull in a lot of extra unnecessary files.


Forward Declare What You Can in Header Files Instead of Including More Headers
If your header file references a pointer to a class object only, do not #include the header for that class.  Instead forward declare the object and put the #include into the CPP file.

Reasoning:  The benefits are the same two as the previous.  First, it reduces compile time as the compiler has to open up and parse fewer files.  Secondly, if that file gets included somewhere else or in another project, it prevents you from having to pull in a lot of extra unnecessary files.


Only Include Required Files in Your CPP File
Do not pull in extra unused headers in your source code files.  Make an effort to only include required files, which means removing old headers as code changes over time.

Reasoning:  It reduces compile time as the compiler has to open up and parse fewer files.


Avoid Putting Function Bodies Into Header Files
Header files should be for class and function declarations.  All the function bodies should be located in CPP files.  There are two exceptions; inline functions and templatized functions - both of which many compilers do not allow you to split them across header and source code files.

Reasoning:  Again, it decreases the time it takes to compile your code.  It also simplifies your headers meaning you do not need to pull in as many files if the header files are used in another project.


Use "#pragma once"
In all of your header files use "#pragma once" and not the older #ifndef guards.

Reasoning:  Using pragma once is the only way to guarantee a file is included only once.  Problems can occur with guards such as copy and paste bugs (you copied from one file to another and forgot to make the guard unique).  Also, if your guard matches a guard from another file (perhaps from an SDK) then a bug might occur.


Beware of Unsafe Macros
As a general rule, do not pass a function into a macro.  For example, assume a macro MAX(a,b)  Do not do something like this:  n = MAX(1000, crypt.CalcCryptoHash());

Reasoning:  Do you see the problem with the call to MAX above?  Probably not, because the macro hid the details from you.  If I expand the macro as the compiler would, the above becomes:  n = (1000 < crypt.CalcCryptoHash() ? crypt.CalcCryptoHash() : 1000) ;  Now the problem should be obvious, the function CalcCryptoHash() is potentially called twice.  At best this is a performance hit, at worst depending on what this function does it could be a bug in your code.  So be careful when using macros.


Learn When and Where to Use References
If you are writing a function that takes a pointer (*) as an input, consider using a reference (&) instead.  In fact, probably the only time to use pointer instead of a reference is if the caller of the function might pass in NULL/nullptr.  But if the parameter can never be NULL/nullptr, then use a reference instead.  Also, if the item being passed to a function is an object (class or struct) or even a native type that is larger than the system architecture (e.g. a 64-bit integer on a 32-bit system) then pass by reference as well.

Reasoning:  References are more efficient and make for cleaner code compared to regular pointers.  When passing things by reference it becomes even more important to use "const" for variables the function will not modify.