A colleague of mine showed me some code from a back-end program on a web server. Fortunately, the company that wrote this is out of business. Or at least I hope they're out of business!

size = 16384;
while (size && IsBadReadPtr(buffer, size)) {
    size--;
}