From 6f50c78e70c41c36e56cac89728650d8a049bbeb Mon Sep 17 00:00:00 2001
From: Dmitry Antipov <dmantipov@yandex.ru>
Date: Tue, 15 Jul 2014 18:04:06 +0400
Subject: [PATCH] * regex.c (re_search_2): Use ssize_t to avoid integer
 overflow.

---
 src/ChangeLog | 2 ++
 src/regex.c   | 3 +--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/ChangeLog b/src/ChangeLog
index a640b970b67..87dd0eacc04 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -6,6 +6,8 @@
 	Use record_unwind_protect_int and avoid consing.
 	(syms_of_xmenu) [USE_X_TOOLKIT]: Declare WIDGET_ID_TICK_START.
 
+	* regex.c (re_search_2): Use ssize_t to avoid integer overflow.
+
 2014-07-14  Paul Eggert  <eggert@cs.ucla.edu>
 
 	Use binary-io module, O_BINARY, and "b" flag (Bug#18006).
diff --git a/src/regex.c b/src/regex.c
index ac71b797fbd..1c1164da57d 100644
--- a/src/regex.c
+++ b/src/regex.c
@@ -4342,8 +4342,7 @@ re_search_2 (struct re_pattern_buffer *bufp, const char *str1, size_t size1,
 
 	  if (range > 0)	/* Searching forwards.  */
 	    {
-	      register int lim = 0;
-	      ssize_t irange = range;
+	      ssize_t irange = range, lim = 0;
 
 	      if (startpos < size1 && startpos + range >= size1)
 		lim = range - (size1 - startpos);
-- 
2.39.5