...
This compliant solution defines an acceptable range for the table size as 1 to MAX_TABLE_SIZE. Note that the size parameter is typed as size_t and is therefore unsigned by definition. Consequently, it is not necessary to check size for negative values (see INT01-A. Use size_t for all integer values representing the size of an object).
```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

enum { MAX_TABLE_SIZE = 256 };

int create_table(size_t size) {
  char **table;

  /* Range check first: this also rejects size == 0 before size is used
   * as a divisor in the wrap check below. */
  if (size == 0 || size > MAX_TABLE_SIZE) {
    /* Handle invalid size */
    return -1;
  }

  /* Wrap check: size * sizeof(char *) must not exceed SIZE_MAX */
  if (sizeof(char *) > SIZE_MAX / size) {
    /* Handle overflow */
    return -1;
  }

  size_t table_size = size * sizeof(char *);
  table = malloc(table_size);
  if (table == NULL) {
    /* Handle error condition */
    return -1;
  }
  /* ... */
  return 0;
}
```
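The same two checks, generalized from char * tables to an array of any element size, as an added example that is not part of the CERT page. The function names, the alloc_status codes and the max_count parameter are assumptions of this example; the page's create_table() is the special case elem_size == sizeof(char *), max_count == MAX_TABLE_SIZE. It also shows why a negative-value check is unnecessary: a negative argument converted to size_t becomes a very large unsigned value and is rejected by the upper bound.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Status codes are an assumption of this example, not part of the CERT page. */
enum alloc_status { ALLOC_OK = 0, ALLOC_BAD_RANGE = 1, ALLOC_WRAP = 2, ALLOC_NOMEM = 3 };

/* Validate count against [1, max_count] and make sure count * elem_size
 * cannot wrap past SIZE_MAX. Ordering matters: the range check rejects
 * count == 0 before count is used as a divisor in the wrap check. */
enum alloc_status check_array_size(size_t count, size_t elem_size, size_t max_count) {
  if (count == 0 || count > max_count || elem_size == 0) {
    return ALLOC_BAD_RANGE;
  }
  /* count * elem_size <= SIZE_MAX  <=>  elem_size <= SIZE_MAX / count */
  if (elem_size > SIZE_MAX / count) {
    return ALLOC_WRAP;
  }
  return ALLOC_OK;
}

/* Allocate an array of count elements of elem_size bytes; *out is NULL on failure. */
enum alloc_status alloc_array(size_t count, size_t elem_size, size_t max_count, void **out) {
  *out = NULL;
  enum alloc_status st = check_array_size(count, elem_size, max_count);
  if (st != ALLOC_OK) {
    return st;
  }
  void *p = malloc(count * elem_size); /* cannot wrap: checked above */
  if (p == NULL) {
    return ALLOC_NOMEM;
  }
  *out = p;
  return ALLOC_OK;
}

/* Convenience for demonstration: allocate, then release, reporting the status. */
enum alloc_status try_alloc_array(size_t count, size_t elem_size, size_t max_count) {
  void *p;
  enum alloc_status st = alloc_array(count, elem_size, max_count, &p);
  free(p); /* free(NULL) is a no-op */
  return st;
}

int main(void) {
  /* A negative value handed to a size_t parameter becomes a huge unsigned
   * number and is caught by the upper bound, so no "< 0" check is needed. */
  enum alloc_status st = try_alloc_array((size_t)-1, sizeof(char *), 256);
  return st == ALLOC_BAD_RANGE ? 0 : 1;
}
```

The wrap check only fires when max_count is large enough to let count * elem_size exceed SIZE_MAX; with a small bound such as MAX_TABLE_SIZE the range check alone already guarantees the product fits, which is why both checks are cheap to keep and the range check should come first.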
...