...
The examples in this rule reflect both correct and wrong ways to handle comparisons of numbers representing different things (either single bytes or multibyte data structures). The NCEs just add the numbers without regard to units, whereas the compliant solutions use type casts to convert one number to the appropriate unit of the other number.
...
In addition to pointer arithmetic expressions, one can also hunt for array index expressions, as `array[index]` is merely shorthand for '`array + index`'. But programmers are more likely to use `[]` with correct units than to use pointer arithmetic with proper units.
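The unit mismatch described above, shown for both a pointer expression and an array index check. This is an added example, not one of the rule's own code samples; `struct record`, `table`, `samples` and the function names are constructed for illustration, and the index check converts units by division rather than by a cast.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed sample type: 4 + 2 + 2 + 24 = 32 bytes, no padding. */
struct record {
    uint32_t id;
    uint16_t flags;
    uint16_t len;
    uint8_t  payload[24];
};
_Static_assert(sizeof(struct record) == 32, "layout assumed by this example");

/* Backing array large enough that the mis-scaled pointer below still
 * lands inside it, so the demonstration itself has defined behaviour. */
struct record table[16];

/* Noncompliant: offsetof() yields bytes, but r + n advances n records. */
ptrdiff_t payload_distance_unscaled(struct record *r) {
    unsigned char *p = (unsigned char *)(r + offsetof(struct record, payload));
    return p - (unsigned char *)r;
}

/* Compliant: cast to a byte pointer first so both operands are in bytes. */
ptrdiff_t payload_distance_bytes(struct record *r) {
    unsigned char *p = (unsigned char *)r + offsetof(struct record, payload);
    return p - (unsigned char *)r;
}

#define NSAMPLES 8
int samples[NSAMPLES];

/* Noncompliant index check: sizeof gives bytes, idx counts elements. */
int index_ok_unscaled(size_t idx) {
    return idx < sizeof(samples);
}

/* Compliant index check: convert the byte size to an element count. */
int index_ok_elements(size_t idx) {
    return idx < sizeof(samples) / sizeof(samples[0]);
}

int main(void) {
    /* The unscaled pointer is 256 bytes away instead of 8, and index 10
     * passes only the unscaled check although samples[] has 8 elements. */
    return !(payload_distance_unscaled(table) == 256 &&
             payload_distance_bytes(table) == 8 &&
             index_ok_unscaled(10) && !index_ok_elements(10));
}
```

The program exits with status 0 when all four observations hold.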
Related Vulnerabilities
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
...