...
| Wiki Markup |
|---|
The type {{size_t}} generally covers the entire address space, so a {{size_t}} value can be far larger than any single object the program could legitimately allocate. \[[TR 24731-1|AA. C References#ISO/IEC TR 24731-1-:2007]\] introduces the type {{rsize_t}}, defined to be the same type as {{size_t}} but used specifically to hold the size of a single object. Code that documents this purpose by using {{rsize_t}} can check that a size is no larger than {{RSIZE_MAX}}, the maximum size of a normal single object, before handing it to a library function. This provides additional input validation: a negative length that has been converted to an unsigned type becomes a huge value, and such a value is rejected by the {{RSIZE_MAX}} check rather than being passed on to a copy or allocation routine. See [STR07-A. Use TR 24731 for remediation of existing string manipulation code] for additional discussion of TR 24731-1. |
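The following is an added example (not code from the CERT page or from TR 24731-1) showing the check described above: a copy routine whose size parameters are {{rsize_t}} and are validated against {{RSIZE_MAX}} before any memory is touched. Since glibc and most Unix libcs do not ship the TR 24731-1 names, the block assumes a fallback definition of {{rsize_t}} and {{RSIZE_MAX}} (half of {{SIZE_MAX}}) when the headers do not provide them; the status codes, function names and inputs are constructed for the illustration.

```c
#define __STDC_WANT_LIB_EXT1__ 1   /* ask for TR 24731-1 / Annex K names if the libc has them */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* glibc and most other Unix libcs do not implement TR 24731-1, so rsize_t and
 * RSIZE_MAX are usually absent. This fallback is an assumption of the example:
 * it uses half of SIZE_MAX as the largest plausible single-object size. */
#ifndef RSIZE_MAX
typedef size_t rsize_t;
#define RSIZE_MAX (SIZE_MAX >> 1)
#endif

enum copy_status { COPY_OK = 0, COPY_NULL = 1, COPY_IMPLAUSIBLE = 2, COPY_TOO_LONG = 3 };

/* Copy n bytes from src into dest, whose capacity is dest_cap bytes.
 * Both sizes are rsize_t to document that they describe single objects,
 * and both are checked against RSIZE_MAX before any memory is touched. */
int checked_copy(void *dest, rsize_t dest_cap, const void *src, rsize_t n)
{
    if (dest == NULL || src == NULL)
        return COPY_NULL;
    if (dest_cap > RSIZE_MAX || n > RSIZE_MAX)
        return COPY_IMPLAUSIBLE;   /* no real object is this big: almost certainly a wrapped negative */
    if (n > dest_cap)
        return COPY_TOO_LONG;
    memcpy(dest, src, n);
    return COPY_OK;
}

/* A length that went negative in signed arithmetic (constructed here as -1)
 * converts to SIZE_MAX when passed as rsize_t; the RSIZE_MAX check rejects it
 * instead of letting memcpy run off the end of the buffer. */
int negative_length_is_rejected(void)
{
    char buf[16];
    const char src[16] = "constructed";
    int len = -1;
    return checked_copy(buf, sizeof buf, src, (rsize_t)len);   /* COPY_IMPLAUSIBLE */
}

/* A request that fits: returns 1 when the copy succeeded and the bytes match. */
int small_copy_succeeds(void)
{
    char buf[8];
    return checked_copy(buf, sizeof buf, "abc", 4) == COPY_OK && memcmp(buf, "abc", 4) == 0;
}

/* A plausible size that is nevertheless larger than the destination. */
int oversized_copy_is_rejected(void)
{
    char buf[8];
    return checked_copy(buf, sizeof buf, "0123456789", 10);   /* COPY_TOO_LONG */
}

int main(void)
{
    printf("RSIZE_MAX = %zu (SIZE_MAX = %zu)\n", (size_t)RSIZE_MAX, (size_t)SIZE_MAX);
    printf("negative length -> status %d\n", negative_length_is_rejected());
    printf("small copy ok   -> %d\n", small_copy_succeeds());
    printf("oversized copy  -> status %d\n", oversized_copy_is_rejected());
    return 0;
}
```

The order of the checks matters: the {{RSIZE_MAX}} test runs first because a wrapped negative also fails the {{n > dest_cap}} test, and distinguishing "implausible size" from "honest but too long" tells the caller whether it has a logic error upstream or merely a buffer that is too small.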
...
Signed integer overflow causes undefined behavior, so nothing can be guaranteed about the program afterward. The following is one possible scenario that illustrates why this should be avoided.
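Because the result of an overflowing signed operation cannot be relied on, the usual defence is to test the operands against the limits before the operation is performed. The block below is an added example (not the page's own scenario, which is not reproduced here) of such preconditions for addition and for the "count times element size" multiplication that typically feeds a size computation; the function names and inputs are constructed for the illustration.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Store a + b in *out and return true only if the sum is representable.
 * The comparison is done against the limits, so the test itself cannot overflow. */
bool add_int_checked(int a, int b, int *out)
{
    if ((b > 0 && a > INT_MAX - b) || (b < 0 && a < INT_MIN - b))
        return false;
    *out = a + b;
    return true;
}

/* Same idea for a * b, the usual "count * element size" computation.
 * The cases are split by sign because integer division truncates toward zero. */
bool mul_int_checked(int a, int b, int *out)
{
    if (a > 0) {
        if (b > 0) { if (a > INT_MAX / b) return false; }
        else       { if (b < INT_MIN / a) return false; }
    } else {
        if (b > 0) { if (a < INT_MIN / b) return false; }
        else       { if (a != 0 && b < INT_MAX / a) return false; }
    }
    *out = a * b;
    return true;
}

int main(void)
{
    int r;
    /* constructed inputs */
    printf("INT_MAX + 1:    %s\n", add_int_checked(INT_MAX, 1, &r) ? "ok" : "would overflow");
    printf("INT_MIN + (-1): %s\n", add_int_checked(INT_MIN, -1, &r) ? "ok" : "would overflow");
    printf("-1 * INT_MIN:   %s\n", mul_int_checked(-1, INT_MIN, &r) ? "ok" : "would overflow");
    printf("-3 * -4:        %s (%d)\n", mul_int_checked(-3, -4, &r) ? "ok" : "would overflow", r);
    return 0;
}
```

Note that {{-1 * INT_MIN}} is rejected even though the magnitude looks harmless: on a two's-complement machine that product is {{INT_MAX + 1}}, which is exactly the case a naive "check the result afterward" approach misses because the result is already undefined by then.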
...
| Wiki Markup |
|---|
\[[ISO/IEC 9899:1999|AA. C References#ISO/IEC 9899-1999]\] Section 7.17, "Common definitions {{<stddef.h>}}", and Section 7.20.3, "Memory management functions"; \[[ISO/IEC TR 24731-1:2007|AA. C References#ISO/IEC TR 24731-1-:2007]\] |
...