Size parameter stored in variables of type size_t, but operated on in such a way that it they temporarily stored in variables that are not of type size_t may be corrupted as a result of the implicit conversions performed on integer values as they are passed between different types.
With regards to the standard memory allocation routines, because the ISO/IEC 9899 standard defines malloc, calloc, realloc as taking a variable of type size_t, when a size value corrupted by intermediate storage is supplied as a size parameter to an allocation routine, it will resolve to an unexpected value. This error leads to the allocation of memory with an unexpected size.
To prevent this error, size parameters should not be operated on in a way that they are stored in different data types. Furthermore, size should be checked for integer conversion errors before they are supplied to malloc, calloc, or realloc.
Non-compliant Code Example 1
/