...
This compliant solution defines the acceptable range for `length` as `[1, MAX_TABLE_LENGTH]`. The `length` parameter is declared as `size_t`, which is unsigned by definition. Consequently, it is not necessary to check `length` for negative values (see "INT01-A. Use rsize_t or size_t for all integer values representing the size of an object").
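enum { MAX_TABLE_LENGTH = 256 };

/*
 * Allocate a table of `length` pointers to char.
 *
 * length: number of entries; must lie in [1, MAX_TABLE_LENGTH]. Because
 *         size_t is unsigned, no check for negative values is needed.
 *
 * Returns 0 on success, or -1 if length is out of range, if the byte
 * count would wrap, or if the allocation fails.
 */
int create_table(size_t length) {
  size_t table_length;
  char **table;

  /*
   * Validate the caller-supplied count before doing any arithmetic with
   * it. Returning here matters: falling through with length == 0 would
   * request a zero-byte allocation, and an oversized length would
   * bypass the documented upper bound.
   */
  if (length == 0 || length > MAX_TABLE_LENGTH) {
    return -1;
  }

  /*
   * Wrap check for length * sizeof(char *). With the bound above this
   * cannot trigger unless MAX_TABLE_LENGTH * sizeof(char *) exceeds
   * SIZE_MAX, but it is kept as a real runtime test rather than an
   * assert(): assert() is compiled out when NDEBUG is defined, so it
   * would offer no protection in a release build if MAX_TABLE_LENGTH
   * were ever raised.
   */
  if (length > SIZE_MAX / sizeof(char *)) {
    return -1;
  }

  table_length = length * sizeof(char *);
  table = malloc(table_length);
  if (table == NULL) {
    return -1;
  }

  /*
   * ... (elided in the original example)
   * NOTE(review): table is a local; the elided code must either hand
   * ownership to a caller-visible location or free(table) before
   * returning, otherwise the allocation leaks.
   */
  return 0;
}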
...