Here is an excerpt of the CERT coding standards regarding operations on unsigned integers $($Rule INT$3$C$)$ :

$$A computation involving unsigned operands can never overflow, because a result that cannot be represented by the resulting unsigned integer type is reduced modulo the number that is one greater than the largest value that can be represented by the resulting type$.$

According to the CERT, this $$wrap$-$around$$ behavior should be avoided in the following situations: $$integer operand on any pointer arithmetic, including array indexing $$ assignment expressions for the declaration of a variable length array Give some $$security critical$$ examples for each of these situations$.$

Here is code fragment extracted from OpenSSH $3\mathrm{.}3$ :

unsigned int i$,$ nrep; $//$ user inputs

$...$

nrep $=$ packet$\_$get$\_$int$()$ ;

response $=$ malloc$($nrep$*$sizeof$($char$*))$;

if $($response $!=$ NULL$)$

for $($i$=0$; i