...

If one or more of the operands to the multiplication operations used in many of these macro definitions can be influenced by untrusted data, these operands should be checked for overflow before the macro is invoked. (See INT32-C. Ensure that operations on signed integers do not result in overflow.)

The use of type-generic function-like macros is an allowed exception (PRE00-EX4) to PRE00-C. Prefer inline or static functions to function-like macros.
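The two points above in one added example, which is not code from the original page: a type-generic allocation macro that casts the result to the allocated type, with the count validated before the macro multiplies it. The names `ALLOC_ARRAY`, `count_fits`, `alloc_records` and `struct record` are hypothetical, and `count` is assumed to come from untrusted input.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical macro in the style the text describes: the result of
 * malloc() is cast immediately to a pointer to the allocated type, and
 * the size is computed by a multiplication the macro does not check. */
#define ALLOC_ARRAY(count, type) ((type *)malloc((count) * sizeof(type)))

/* Returns 1 when count * elem_size fits in size_t, 0 when it would wrap. */
static int count_fits(size_t count, size_t elem_size) {
    return elem_size == 0 || count <= SIZE_MAX / elem_size;
}

struct record {          /* constructed sample type */
    uint32_t id;
    char name[28];
};

/* Allocates `count` records. `count` is assumed to be untrusted, so it
 * is checked before the macro is invoked. */
static struct record *alloc_records(size_t count) {
    if (count == 0 || !count_fits(count, sizeof(struct record))) {
        return NULL;     /* reject empty or wrapping requests */
    }
    struct record *recs = ALLOC_ARRAY(count, struct record);
    /* A mismatched assignment such as
     *     long *p = ALLOC_ARRAY(count, struct record);
     * draws an incompatible-pointer diagnostic at compile time, which a
     * bare malloc() returning void * would not. */
    return recs;
}

int main(void) {
    struct record *ok = alloc_records(4);
    struct record *bad = alloc_records(SIZE_MAX / 2);
    int rc = (ok != NULL && bad == NULL) ? 0 : 1;
    free(ok);
    return rc;
}
```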

Risk Assessment

Failing to cast the result of a memory allocation function call into a pointer to the allocated type can result in inadvertent pointer conversions. Code that follows this recommendation will compile and execute equally well in C++.

...

| Tool | Version | Checker | Description |
|---|---|---|---|
| LDRA tool suite | | | |
| Fortify SCA | V. 5.0 | | Can detect violations of this rule with CERT C Rule Pack. |
| Compass/ROSE | | | Can detect some violations of this recommendation when checking EXP36-C. Do not convert pointers into more strictly aligned pointer types. |
| ECLAIR | | funcalls | Fully implemented. |
| PRQA QA-C | | | Fully implemented |

...

ISO/IEC 9899:2011 Section 7.22.3, "Memory management functions"

Bibliography

[Summit 2005] Question 7.7 and Question 7.7b

...