...
| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| EXP09-A | high | unlikely | medium | P6 | L2 |
Automated Detection
The tool Compass/ROSE can detect violations of this recommendation. In particular, it examines the size argument of malloc(), calloc(), or realloc() and reports a violation if it does not find a sizeof operator in the argument expression. It reports nothing if the return value is assigned to a char*, since that means a string is being allocated and sizeof is unnecessary, because sizeof(char) == 1.
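The heuristic described above can be approximated textually. The following is an added example, not Compass/ROSE's own code (which works on the parsed program rather than on text); the function names and the sample C statements are constructed for illustration, and the char* exemption is only recognised when the declaration and the allocation are on the same line.

```python
import re

# Constructed sample C statements (not from the original page).
SAMPLE = """\
long *a = malloc(n * 4);
long *b = malloc(n * sizeof(*b));
char *s = malloc(len + 1);
int *c = calloc(n, 4);
int *d = calloc(n, sizeof(int));
buf = realloc(buf, new_len * sizeof *buf);
widget_t *w = realloc(w, 64);
"""

CALL = re.compile(r"\b(malloc|calloc|realloc)\s*\(")
# "char *name = " (optionally followed by a cast) directly before the call.
CHAR_PTR_ASSIGN = re.compile(r"\bchar\s*\*\s*\w+\s*=\s*(?:\([^)]*\)\s*)?$")


def call_args(line, open_paren):
    """Return the text inside the parentheses that open at line[open_paren]."""
    depth = 0
    for i in range(open_paren, len(line)):
        if line[i] == "(":
            depth += 1
        elif line[i] == ")":
            depth -= 1
            if depth == 0:
                return line[open_paren + 1:i]
    return line[open_paren + 1:]  # unbalanced: take the rest of the line


def check(source):
    """Return (line number, function) for each allocation lacking sizeof."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for m in CALL.finditer(line):
            args = call_args(line, m.end() - 1)
            if re.search(r"\bsizeof\b", args):
                continue  # size is derived from a type or object
            if CHAR_PTR_ASSIGN.search(line[:m.start()]):
                continue  # string allocation: sizeof(char) == 1
            findings.append((lineno, m.group(1)))
    return findings


if __name__ == "__main__":
    for lineno, func in check(SAMPLE):
        print(f"line {lineno}: {func}() size argument has no sizeof")
```
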
...
[ISO/IEC 9899:1999] Section 6.2.6, "Representations of types," and Section 6.5.3.4, "The sizeof operator"
...