...
Also note that this recommendation suggests that the parameter accompanying an array parameter indicate the maximum number of elements that can be stored in the array, not the maximum size, in bytes, of the array. This is because
- It does not make sense to think of array sizes in bytes in all cases; for example, in the case of an array of integers.
- If the size in bytes of the array is required, it can be derived from the number of elements in the array.
- It is better not to add to the cognitive load of the function user by requiring the user to calculate the size in bytes of the array.
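As an added example (not code from the CERT page), a hypothetical copy_ints() written to this recommendation: both bounds travel as element counts, the byte size is derived inside the function only where memcpy needs it, and an ARRAY_COUNT macro keeps callers from computing sizes in bytes at all.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Element count of a true array (not a pointer); this is what callers pass
 * as the bound, so they never compute a size in bytes themselves. */
#define ARRAY_COUNT(a) (sizeof(a) / sizeof((a)[0]))

/* Hypothetical interface: copy src_count ints from src into dst, which has
 * room for dst_count elements. Returns 0 on success, -1 if the arguments are
 * invalid or the copy would exceed dst. Both bounds are element counts. */
int copy_ints(int *dst, size_t dst_count, const int *src, size_t src_count) {
    if (dst == NULL || src == NULL) {
        return -1;
    }
    if (src_count > dst_count) {
        return -1;                 /* would write past the end of dst */
    }
    /* The byte size is needed only here, so derive it from the element count,
     * guarding the multiplication against size_t overflow. */
    if (src_count > SIZE_MAX / sizeof *src) {
        return -1;
    }
    memcpy(dst, src, src_count * sizeof *src);
    return 0;
}

/* Exercises copy_ints on constructed data. Returns 0 if every check passes,
 * otherwise the number of the first failing check. */
int run_demo(void) {
    int dst[4] = {0};
    const int src[6] = {1, 2, 3, 4, 5, 6};

    /* 6 elements do not fit in 4: rejected instead of overflowing dst. */
    if (copy_ints(dst, ARRAY_COUNT(dst), src, ARRAY_COUNT(src)) != -1) return 1;
    /* 3 elements fit; the untouched tail of dst stays zero. */
    if (copy_ints(dst, ARRAY_COUNT(dst), src, 3) != 0) return 2;
    if (dst[0] != 1 || dst[1] != 2 || dst[2] != 3 || dst[3] != 0) return 3;
    /* Mixing units is the hazard the recommendation avoids: passing sizeof dst
     * (16 bytes with 4-byte ints) as an element count would overrun dst. */
    return 0;
}

int main(void) {
    printf("copy_ints demo: %s\n", run_demo() == 0 ? "ok" : "FAILED");
    return 0;
}
```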
...
It is not necessary to go beyond the standard C library to find examples that violate this recommendation, because the C language often prioritizes performance at the expense of robustness. The following are two examples from C99 §7.21.
...
This function provides no explicit maximum argument to s2. However, it does require that s1max be larger than s2, thereby preventing an out-of-bounds read.
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Bibliography
[ISO/IEC 9899:1999]
[ISO/IEC TR 24731-1:2007]
...