...
If one or more of the operands to the multiplication operations used in many of these macro definitions can be influenced by untrusted data, these operands should be checked for overflow before invoking the macro. (See rule INT32-C. Ensure that operations on non-atomic signed integers do not result in overflow.)
The use of type-generic function-like macros is an allowed exception (PRE00-EX4) to recommendation PRE00-C. Prefer inline or static functions to function-like macros.
Risk Assessment
Failing to cast the result of a memory allocation function call into a pointer to the allocated type can result in inadvertent pointer conversions. Code that follows this recommendation will compile and execute equally well in C++.
...
CERT C++ Secure Coding Standard: MEM02-CPP. Immediately cast the result of a memory allocation function call into a pointer to the allocated type
ISO/IEC 9899:1999 Section 7.20.3, "Memory management functions"
Bibliography
[Summit 2005] Question 7.7 and Question 7.7b
...