SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 23

changes.mady.by.user Robert Seacord

Saved on

compared with

New Version 24

changes.mady.by.user Robert Seacord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
bgColor#ffcccc
char *buf;
size_t len = 1 << 30;
/* ... */
if (buf + len < buf) { /* length check */
   /* performhandle someinteger manipulationoverflow onerror len */
}

Wiki Markup
are optimized away; no object code to perform the check will appear in the resulting executable program \[[VU#162289|AA. C References#VU#162289]\].

...

Code Block
bgColor#ccccff
char *buf;
size_t len = 1 << 30;
/* ... */
if (SIZE_MAX - len < buf) {  /* length check */
  /* performhandle someinteger operationoverflow using lenerror */
}

Risk Assessment

Out of range integer values can result in fetches or stores from arbitrary memory locations and the execution of arbitrary code.

...