Integer values that originate from untrusted sources must be guaranteed correct if they are used in any of the following ways:
Integer values can be invalidated due to excpetional conditions such as overflow, truncation, or sign error leading to exploitable vulnerabilities. Failure to provide proper range checking can also lead to exploitable vulnerabilities.
INT01. Use size_t for all integer values representing the size of an object
INT02. Understand integer conversion rules
INT03. Use a secure integer library
Enforce limits on integer values originating from untrusted sources
Do not make assumptions about the type of a bit-field when used in an expression
Ensure that integer conversions do not result in lost or misinterpreted data
Ensure that integer operations do not result in an overflow
Ensure that division and modulo operations do not result in divide-by-zero errors
Ensure integer values are within valid ranges
Do not truncate the return value from a character input function