...
This compliant solution performs a post-condition test that the result of the unsigned subtraction operation udiff is not greater than either of the operandsminuend.
| Code Block | ||
|---|---|---|
| ||
unsigned int ui1, ui2, udiff ;
/* Initialize ui1 and ui2 */
udiff = ui1 - ui2;
if (udiff > ui1) {
/* handle error condition */
}
|
...