...
* - both the functions take more than one size_t argument. In such cases, the compliant code will have to be changed according to the purpose of these arguments. For example in the case of fread():
size_t fread ( void *ptr, size_t size, size_t count, FILE * stream)
the programmer should make sure that the memory block to which 'ptr' points is of atleast at least (size*count) bytes.
Risk Assessment
Depending on the library function called, the attacker may be able to use a heap overflow vulnerability to run arbitrary code. The detection of checks specified in description can be automated but the remediation has to be manual.
...