From defabca229899725766edce5ee15609c1099fecc Mon Sep 17 00:00:00 2001
From: Tatsuya Kinoshita <tats@debian.org>
Date: Sun, 28 Feb 2021 15:57:46 +0900
Subject: Prevent unintentional integer overflow in libwc

---
 libwc/utf7.c | 2 +-
 libwc/utf8.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/libwc/utf7.c b/libwc/utf7.c
index 44a3330..874bc3d 100644
--- a/libwc/utf7.c
+++ b/libwc/utf7.c
@@ -73,7 +73,7 @@ wc_conv_from_utf7(Str is, wc_ces ces)
 	;
     if (p == ep)
 	return is;
-    os = Strnew_size(is->length * 4 / 3);
+    os = Strnew_size(is->length + is->length / 3);
     if (p > sp)
 	Strcat_charp_n(os, is->ptr, (int)(p - sp));
 
diff --git a/libwc/utf8.c b/libwc/utf8.c
index e523139..c878499 100644
--- a/libwc/utf8.c
+++ b/libwc/utf8.c
@@ -150,7 +150,7 @@ wc_conv_from_utf8(Str is, wc_ces ces)
 	;
     if (p == ep)
 	return is;
-    os = Strnew_size(is->length * 4 / 3);
+    os = Strnew_size(is->length + is->length / 3);
     if (p > sp)
 	Strcat_charp_n(os, is->ptr, (int)(p - sp));
 
-- 
cgit v1.2.3