...

An example of undefined behavior in C99 is the behavior on signed integer overflow. (See also rule INT32-C. Ensure that operations on signed integers do not result in overflow.) This noncompliant code example depends on this behavior to catch the overflow.
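The following C program is an added illustration, not the example elided from this page and not CERT's own code. It contrasts an overflow check that depends on signed wraparound with one that tests the operands against `INT_MAX` and `INT_MIN` before adding, and it covers negative operands as well. The function names are hypothetical.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Noncompliant (kept for contrast): assumes b >= 0 and that a + b wraps
 * to a smaller value on overflow. Signed overflow is undefined behavior,
 * so a compiler may assume it never happens and remove this test. */
bool add_wraps_noncompliant(int a, int b, int *sum) {
    if (a + b < a) {
        return false;              /* the "overflow caught" path */
    }
    *sum = a + b;
    return true;
}

/* Compliant: the range test uses only subtractions that cannot overflow,
 * so the addition is evaluated only when the result is representable. */
bool add_checked(int a, int b, int *sum) {
    if ((b > 0 && a > INT_MAX - b) ||
        (b < 0 && a < INT_MIN - b)) {
        return false;              /* would overflow: reject, do not add */
    }
    *sum = a + b;
    return true;
}

int main(void) {
    int s = 0;

    /* This call overflows, so what it prints depends on the compiler and
     * optimization level. That unpredictability is the defect. */
    printf("noncompliant rejects INT_MAX + 1: %d\n",
           !add_wraps_noncompliant(INT_MAX, 1, &s));

    /* Well defined on every conforming implementation. */
    printf("compliant rejects INT_MAX + 1:    %d\n",
           !add_checked(INT_MAX, 1, &s));
    printf("compliant rejects INT_MIN + -1:   %d\n",
           !add_checked(INT_MIN, -1, &s));
    if (add_checked(INT_MAX - 100, 100, &s)) {
        printf("INT_MAX - 100 + 100 = %d\n", s);
    }
    return 0;
}
```

Building the noncompliant function at different optimization levels and comparing the output shows whether a given compiler keeps or drops the wraparound test.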

...

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C++ Secure Coding Standard: MSC15-CPP. Do not depend on undefined behavior

...

[ISO/IEC 9899:1999] Section 3.4.3, "undefined behavior," Section 4, "Conformance," and Annex J.2, "Undefined behavior"

[ISO/IEC PDTR 24772] TR 24772 "BQF Unspecified Behaviour", "EWF Undefined Behaviour" and "FAB Implementation-defined Behaviour"

Bibliography

[Seacord 2005] Chapter 5, "Integers"

...