
Size parameters are stored in variables of type size_t, but when they are operated on in such a way that they are temporarily stored in variables that are not of type size_t, they may be corrupted as a result of the implicit conversions performed on integer values as they are passed between different types.
With regard to the standard memory allocation routines: because the ISO/IEC 9899:1999 standard defines malloc(), calloc(), and realloc() as taking a size argument of type size_t, a size value corrupted by intermediate storage that is then supplied as the size parameter of an allocation routine may resolve to an unexpected value. This error leads to the allocation of memory of an unexpected size.
To prevent this error, size parameters should not be operated on in a way that transfers and stores them in different data types. Furthermore, size parameters should be checked for integer conversion errors before they are supplied to malloc(), calloc(), or realloc().
Non-compliant Code Example 1
#include <stdlib.h>
#include <string.h>

int calculate_size(char *str) {
    /* calculates the size of a string; assumed implementation:
       the size_t result of strlen() is narrowed to int */
    return (int)strlen(str);
}

int main(int argc, char *argv[]) {
    if (argc < 2) {
        return 1;
    }
    /* the int return value is implicitly converted back to size_t;
       a negative value (e.g. an error sentinel) becomes a huge size */
    size_t s = calculate_size(argv[1]);
    char *my_str = malloc(s);
    if (my_str == NULL) {
        return 1;
    }
    free(my_str);
    return 0;
}
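As an added example (not part of the original page), the following shows the value the non-compliant code actually hands to malloc() after the int-to-size_t conversion, the corruption of a size_t that is temporarily stored in an int, and two checked alternatives; the function names are my own:

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* What the non-compliant example passes to malloc(): the int result is
 * implicitly converted to size_t, so a negative value such as an error
 * sentinel of -1 wraps to SIZE_MAX. */
size_t implicit_conversion(int n) {
    size_t s = n;   /* implicit int -> size_t conversion, no check */
    return s;
}

/* A size_t temporarily stored in an int does not survive the round trip
 * once it exceeds INT_MAX (the narrowing is implementation-defined; on
 * common two's-complement platforms it wraps). */
bool survives_int_round_trip(size_t n) {
    int tmp = (int)n;       /* intermediate storage in a non-size_t type */
    size_t back = tmp;      /* implicit conversion back */
    return back == n;
}

/* Checked conversion: an int size is accepted only when non-negative,
 * so it is representable as size_t without wrapping. */
bool size_from_int(int n, size_t *out) {
    if (n < 0) {
        return false;       /* integer conversion error: reject */
    }
    *out = (size_t)n;
    return true;
}

/* Compliant allocation: the size is computed and kept in size_t
 * throughout, and the length is checked before the +1 for the NUL. */
char *dup_with_checked_size(const char *str) {
    if (str == NULL) {
        return NULL;
    }
    size_t len = strlen(str);       /* never narrowed */
    if (len == SIZE_MAX) {
        return NULL;                /* len + 1 would wrap to 0 */
    }
    char *copy = malloc(len + 1);
    if (copy != NULL) {
        memcpy(copy, str, len + 1);
    }
    return copy;
}
```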
References
ISO/IEC 9899:1999, Section 7.20.3, Memory Management Functions