Comment by asveikau

I think when doing malloc(n * m) or similar the most cautious thing to do would be to check for overflow even if you don't think it's exploitable. Especially for a library. Witness for example that OpenBSD's calloc does an overflow check.

I often leave this out of my own code, but not without feeling somewhat guilty about it.