C++: Edit Recommendation section

jbj · jbj · commit 7485cc76b2cf · 2019-11-15T11:05:00.000+01:00
1. The two last examples were misleading at best. The first of those two
   recommended casting to non-negative `int`s to `unsigned int` and then
   checking if their addition would overflow, but overflow was
   impossible because their sum (on 32-bit two's complement) could be at
   most 2^32 - 2. The second example could lead to the wrong condition
   (unsigned overflow) being checked if taken literally. Instead of
   keeping that example, I reworeded the first paragraph of the
   Recommendation section.
2. The assumptions about `delta` being positive was relaxed to
   non-negative.
3. There was no need to assume that an unsigned short was non-negative.
4. Some of the suggestions were missing `i &gt;`.
diff --git a/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.qhelp b/cpp/ql/src/Likely Bugs/Arithmetic/SignedOverflowCheck.qhelp
@@ -19,48 +19,28 @@ optimizing compiler.
 <p>
 Solutions to this problem can be thought of as falling into one of two
 categories: (1) rewrite the signed expression so that overflow cannot occur
-but the signedness remains, or (2) rewrite (or cast) the signed expression
-into unsigned form.
-</p>
-
-<p>
-Below we list examples of expressions where signed overflow may
-occur, along with proposed solutions.  The list should not be
-considered exhaustive.
+but the signedness remains, or (2) change the variables and all their uses to
+be unsigned. The following cases all fall into the first category.
 </p>
 
 <p>
 Given <code>unsigned short i, delta</code> and <code>i + delta &lt; i</code>, 
 it is possible to rewrite it as <code>(unsigned short)(i + delta)&nbsp;&lt;&nbsp;i</code>.
-Note that <code>i + delta</code>does not actually overflow, due to <code>int</code> promotion
+Note that <code>i + delta</code> does not actually overflow, due to <code>int</code> promotion.
 </p>
 
 <p>
 Given <code>unsigned short i, delta</code> and <code>i + delta &lt; i</code>,
-it is also possible to rewrite it as <code>USHORT_MAX - delta</code>. It must be true
-that <code>delta &gt; 0</code> and the <code>limits.h</code> or <code>climits</code>
-header has been included.
+it is also possible to rewrite it as <code>i &gt; USHORT_MAX - delta</code>. The
+<code>limits.h</code> or <code>climits</code> header must then be included.
 </p>
 
 <p>
 Given <code>int i, delta</code> and <code>i + delta &lt; i</code>,
-it is possible to rewrite it as <code>INT_MAX - delta</code>. It must be true
-that <code>delta &gt; 0</code> and the <code>limits.h</code> or <code>climits</code>
+it is possible to rewrite it as <code>i &gt; INT_MAX - delta</code>. It must be true
+that <code>delta &gt;= 0</code> and the <code>limits.h</code> or <code>climits</code>
 header has been included.
 </p>
-
-<p>
-Given <code>int i, delta</code> and <code>i + delta &lt; i</code>,
-it is also possible to rewrite it as <code>(unsigned)i + delta &lt; i</code>.
-Note that program semantics are affected by this change.
-</p>
-
-<p>
-Given <code>int i, delta</code> and <code>i + delta &lt; i</code>,
-it is also possible to rewrite it as <code>unsigned int i, delta</code> and
-<code>i + delta &lt; i</code>.  Note that program semantics are 
-affected by this change.
-</p>
 </recommendation>
 
 <example>
