...
Compass/ROSE can detect violations of this rule by ensuring that operations are checked for overflow before being performed. Be mindful of INT32-EX2, as it excuses many operations from requiring validation; including all the operations that would validate a potentially dangerous operation. For instnaceinstance, adding two unsigned int's together requires validation involving subtracting one of the numbers from UINT_MAX, which itself requires no validation, as it cannot wrap.
...