...
Fortify SCA Version 5.0 with CERT C Rule Pack will detect integer operations that cause overflow, but not all cases where size_t is not used.
Splint Version 3.1.1 can detect violations of this rule.
Compass/ROSE does not check for violations, but it could, by flagging:
...