From 205ededbb23f8f1b182d9ae7c01d89b6e67e5736 Mon Sep 17 00:00:00 2001
From: Dmitry Antipov <dmantipov@yandex.ru>
Date: Wed, 9 Jul 2014 14:36:35 +0400
Subject: [PATCH] * coding.c (ALLOC_CONVERSION_WORK_AREA): Prefer ptrdiff_t to
 int and so avoid integer overflow if decoded gap size exceeds INT_MAX bytes.

---
 src/ChangeLog |  3 +++
 src/coding.c  | 11 ++++-------
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/ChangeLog b/src/ChangeLog
index 10984d5ce25..fa79ac43bdf 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -15,6 +15,9 @@
 	* xfont.c (xfont_open):
 	* xftfont.c (xftfont_open): All users changed.
 
+	* coding.c (ALLOC_CONVERSION_WORK_AREA): Prefer ptrdiff_t to int and
+	so avoid integer overflow if decoded gap size exceeds INT_MAX bytes.
+
 2014-07-09  Eli Zaretskii  <eliz@gnu.org>
 
 	* xdisp.c (move_it_to): Adjust calculation of line_start_x to what
diff --git a/src/coding.c b/src/coding.c
index d4c468cfbbf..5e7a676aecd 100644
--- a/src/coding.c
+++ b/src/coding.c
@@ -7273,15 +7273,12 @@ produce_charset (struct coding_system *coding, int *charbuf, ptrdiff_t pos)
 
 #define ALLOC_CONVERSION_WORK_AREA(coding, size)		\
   do {								\
-    int units = (size) + MAX_CHARBUF_EXTRA_SIZE;		\
-								\
-    if (units > MAX_CHARBUF_SIZE)				\
-      units = MAX_CHARBUF_SIZE;					\
-    coding->charbuf = SAFE_ALLOCA ((units) * sizeof (int));	\
-    coding->charbuf_size = (units);				\
+    ptrdiff_t units = min ((size) + MAX_CHARBUF_EXTRA_SIZE,	\
+			   MAX_CHARBUF_SIZE);			\
+    coding->charbuf = SAFE_ALLOCA (units * sizeof (int));	\
+    coding->charbuf_size = units;				\
   } while (0)
 
-
 static void
 produce_annotation (struct coding_system *coding, ptrdiff_t pos)
 {
-- 
2.39.5