The sizeof operator yields the size (in bytes) of its operand, which can be an expression or the parenthesized name of a type. However, using the sizeof operator to determine the size of arrays is error prone.
The sizeof operator is often used in determining how much memory to allocate via malloc(). However, using an incorrect size is a violation of MEM35-C. Allocate sufficient memory for an object.
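The two pitfalls described above, side by side with a safer pattern. This is an added example, not code from the standard itself. The names ARRAY_LEN, count_via_pointer, sum_ints and copy_ints are hypothetical, and the sample array is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Element count of a true array; only valid where the array type is visible. */
#define ARRAY_LEN(a) (sizeof(a) / sizeof((a)[0]))

/* Error-prone pattern: a parameter written as 'int array[]' is adjusted to
 * 'int *array', so sizeof sees a pointer, not the caller's array. */
size_t count_via_pointer(const int *array)
{
    size_t bytes = sizeof(array);          /* sizeof(int *), e.g. 8 */
    return bytes / sizeof(array[0]);       /* e.g. 2, whatever the array length */
}

/* Safer pattern: the caller, which can see the array, passes the count. */
long sum_ints(const int *array, size_t len)
{
    long total = 0;
    for (size_t i = 0; i < len; i++)
        total += array[i];
    return total;
}

/* Allocation sized from the element type and count, not from a pointer. */
int *copy_ints(const int *src, size_t len)
{
    if (len == 0 || len > SIZE_MAX / sizeof(*src))
        return NULL;                        /* reject empty or overflowing request */
    int *dst = malloc(len * sizeof(*dst));  /* not malloc(sizeof(dst)) */
    if (dst != NULL)
        memcpy(dst, src, len * sizeof(*dst));
    return dst;
}

int main(void)
{
    int table[12] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12};  /* constructed sample */
    int *copy = copy_ints(table, ARRAY_LEN(table));

    printf("elements seen through the array: %zu\n", ARRAY_LEN(table));
    printf("elements seen through a pointer: %zu\n", count_via_pointer(table));
    printf("sum over the copy: %ld\n", copy ? sum_ints(copy, ARRAY_LEN(table)) : -1L);
    free(copy);
    return 0;
}
```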
Noncompliant Code Example
...
Related Guidelines
| CERT C++ Secure Coding Standard | ARR01CTR01-CPP. Do not apply the sizeof operator to a pointer when taking the size of an array |
| MITRE CWE | CWE-467, Use of sizeof() on a pointer type |
| ISO/IEC TS 17961 | Taking the size of a pointer to determine the size of the pointed-to type [sizeofptr] |
...