You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 30 Next »

The size_t type is the unsigned integer type of the result of the sizeof operator. The underlying representation of variables of type size_t are guaranteed to be of sufficient precision to represent the size of an object. The limit of size_t is specified by the SIZE_MAX macro.

Any variable that is used to represent the size of an object including, but not limited to, integer values used as sizes, indices, loop counters, and lengths should be declared as size_t.

Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.
Unable to render {include} The included page could not be found.

Risk Assessment

The improper calculation of an object's size can result in exploitable vulnerabilities.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

INT01-A

2 (medium)

2 (probable)

2 (medium)

P8

L2

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

References

[[ISO/IEC 9899-1999]] Section 7.17, "Common definitions <stddef.h>"
[[ISO/IEC 9899-1999]] Section 7.20.3, "Memory management functions"

  • No labels