A long time ago, John Regehr wrote a very nice quiz about C integers. He's a pretty awesome expert on undefined behavior and this quiz highlights the type of stuff you need to know when auditing C code. A lot of times you’ll run into really strange scenarios which end up causing exploitable bugs later in the code.
A few clarification that came up from Twitter threads and reddit.
If you enjoyed this quiz, please follow John Regehr on Twitter. You're also invited to follow me Ace Pace.