[deletes]

How does this check for anything??:

   if ( size == 0 || size > SIZE_MAX ) {...

size is not given a type, but if it is a size_t, then the comparison is constant and if statements is always false, unless size == 0. The second part is useless, since the maximum size of size_t == SIZE_MAX.

[jwise0]

Worse, it is not even a certain check against integer overflow. A particularly large expression could have overflowed substantially enough that it becomes positive again!

This, in fact, was the source of a vulnerability in PHP [1]. (The way they 'resolved' it, uh, isn't much better.)

There is almost never a magic bullet for integer overflow. Programming secure systems requires thought.

[1] http://use.perl.org/use.perl.org/_Aristotle/journal/33448.ht...

[comex]

Note that since it says 'size == 0', it's not merely "not a certain check", but a check that passes for almost all overflowing values :)

[tterrace]

Hmmm, that looks oddly familiar: http://use.perl.org/use.perl.org/_Aristotle/journal/33448.ht...

[pfacka]

It seems that I have totally messed up whole vector example by last minute changes. The check was meant to illustrate what eliteraspberrie described in previous comment.