- * If an existing object has size S, and if T is sufficiently small
- (e.g., 8 KiB), then S + T cannot overflow. Overflow in this case
- would mean that the rest of your program fits into T bytes, which
- can't happen in realistic flat-address-space hosts.
+ - If two nonoverlapping objects have sizes S and T represented as
+ size_t values, then S + T cannot overflow.
+
+ - A pointer P points within an object O if and only if
+ (char *) &O <= (char *) P && (char *) P < (char *) (&O + 1).
+
+ - If an existing object has size S, and if T is sufficiently small
+ (e.g., 8 KiB), then S + T cannot overflow. Overflow in this case
+ would mean that the rest of your program fits into T bytes, which
+ can't happen in realistic flat-address-space hosts.