One of the problems with arrays is determining the size. The sizeof operator yields the size (in bytes) of its operand, which may be an expression or the parenthesized name of a type.
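The following added example (not part of the original page) shows where sizeof stops reporting the size of an array: inside a function that receives the array as a parameter. The names ARRAY_COUNT, count_in_callee, sum_elements and count_at_declaration are hypothetical, and the sample data is constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* Element count of a true array; valid only where the array's own
   declaration is in scope. ARRAY_COUNT is a hypothetical helper name. */
#define ARRAY_COUNT(a) (sizeof(a) / sizeof((a)[0]))

/* Noncompliant: a parameter written 'int array[]' is adjusted to 'int *',
   so sizeof(array) is the size of a pointer, not of the caller's array.
   GCC and Clang warn here (-Wsizeof-array-argument). */
size_t count_in_callee(int array[])
{
    return sizeof(array) / sizeof(array[0]);
}

/* Compliant: the caller, which can see the array type, supplies the count. */
long sum_elements(const int *array, size_t count)
{
    long total = 0;
    for (size_t i = 0; i < count; i++) {
        total += array[i];
    }
    return total;
}

/* sizeof applied where the declaration is visible gives the real size. */
size_t count_at_declaration(void)
{
    int table[8] = {1, 2, 3, 4, 5, 6, 7, 8}; /* constructed sample data */
    return ARRAY_COUNT(table);
}

int main(void)
{
    int table[8] = {1, 2, 3, 4, 5, 6, 7, 8}; /* constructed sample data */

    printf("bytes at declaration: %zu\n", sizeof(table));
    printf("count at declaration: %zu\n", ARRAY_COUNT(table));
    printf("count seen in callee: %zu\n", count_in_callee(table));
    printf("sum with explicit count: %ld\n",
           sum_elements(table, ARRAY_COUNT(table)));
    return 0;
}
```

A loop bounded by the value from count_in_callee would touch the wrong number of elements, which is why the count is passed as a separate argument in sum_elements.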
| Recommendation | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|
| ARR00-A | 3 (high) | 1 (unlikely) | 3 (low) | P9 | L2 |

[ISO/IEC 9899-1999] Section 6.7.5.2, "Array declarators"
[Drepper 06] Section 2.1.1, "Respecting Memory Bounds"