...
If one or more of the operands to the multiplication operations used in many of these macro definitions can be influenced by untrusted data, these operands should be checked for overflow before invoking the macro. (See rule INT32-C. Ensure that operations on non-atomic signed integers do not result in overflow.)
...