From 7709a04ae8520c5b04d261616098cebf742f5a23 Mon Sep 17 00:00:00 2001
From: antirez
Date: Thu, 2 Jul 2020 16:44:48 +0200
Subject: Fix integer overflow in row allocation. #60.

---
 kilo.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/kilo.c b/kilo.c
index d293210..8729852 100644
--- a/kilo.c
+++ b/kilo.c
@@ -553,7 +553,8 @@ void editorSelectSyntaxHighlight(char *filename) {
 
 /* Update the rendered version and the syntax highlight of a row. */
 void editorUpdateRow(erow *row) {
-    int tabs = 0, nonprint = 0, j, idx;
+    unsigned int tabs = 0, nonprint = 0;
+    int j, idx;
 
     /* Create a version of the row we can directly print on the screen,
      * respecting tabs, substituting non printable characters with '?'. */
@@ -561,6 +562,13 @@ void editorUpdateRow(erow *row) {
     for (j = 0; j < row->size; j++)
         if (row->chars[j] == TAB) tabs++;
 
+    unsigned long long allocsize =
+        (unsigned long long) row->size + tabs*8 + nonprint*9 + 1;
+    if (allocsize > UINT32_MAX) {
+        printf("Some line of the edited file is too long for kilo\n");
+        exit(1);
+    }
+
     row->render = malloc(row->size + tabs*8 + nonprint*9 + 1);
     idx = 0;
     for (j = 0; j < row->size; j++) {
-- 
cgit v1.2.3
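Review bot: The new overflow check in the second hunk can itself wrap, because `tabs*8` and `nonprint*9` are evaluated in `unsigned int` arithmetic before they are added to the `unsigned long long` cast of `row->size`, so for very large tab or non-printable counts the products wrap modulo 2^32 and `allocsize` underestimates the real requirement; cast each term instead, `(unsigned long long) row->size + (unsigned long long) tabs*8 + (unsigned long long) nonprint*9 + 1`. The bound also looks too loose for the code that follows: `idx` is a plain `int` used to index `row->render`, so a buffer between INT_MAX and UINT32_MAX bytes passes the check but would overflow `idx` during the fill loop, and `if (allocsize > INT_MAX) {` (from `<limits.h>`) would match the index type. `UINT32_MAX` comes from `<stdint.h>`, which this patch does not add, so confirm it is already in scope in kilo.c. `editorUpdateRow` continues past the end of both hunks, so the render-fill loop and where `row->rsize` is assigned are not visible here.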