SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 86

changes.mady.by.user Robert Seacord (Manager)

Saved on

compared with

New Version 87

changes.mady.by.user Robert Seacord (Manager)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: fixed sizeof(size_t) > sizeof(int) explanation

...

sizeof(size_t) > sizeof(int)

Wiki MarkupSimilar behavior as the case above occurs for values of {{n <= UINT_MAX}}. For values of {{n > UINT_MAX}}, the expression {{\++i}} will wrap around to zero before the condition {{i < n}} ever evaluates to false. This causes all memory within {{\[INT_MIN, INT_MAX\]}} from the beginning of the output buffer to be overwritten in an infinite loopFor values of n where 0 < n <= INT_MAX, the loop executes n times, as expected. For values of n > INT_MAX, the loop executes INT_MAX + 1 times. For each iteration, i is in the range 0 through INT_MAX. Once i becomes negative, the loop will stop, because a negative value for i converts into SIZE_MAX + 1 + i. Because sizeof(size_t) > sizeof(int), SIZE_MAX is well above INT_MAX * 2, as well as SIZE_MAX + 1 + INT_MIN, therefore the size_t values i converts to are always greater than values of n in the range INT_MAX + 1 to INT_MAX * 2.

Compliant Solution (TR 24731-1)

...