From f76dee0c23a846517e72618dec6d2424321bb32b Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Thu, 28 Apr 2011 13:09:37 -0700
Subject: [PATCH] * doprnt.c (doprnt): Omit useless test; int overflow check
 (Bug#8545).

---
 src/ChangeLog | 4 ++++
 src/doprnt.c  | 8 ++++++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/ChangeLog b/src/ChangeLog
index 555fb9589f5..14727d403c2 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,7 @@
+2011-04-28  Paul Eggert  <eggert@cs.ucla.edu>
+
+	* doprnt.c (doprnt): Omit useless test; int overflow check (Bug#8545).
+
 2011-04-28  Juanma Barranquero  <lekktu@gmail.com>
 
 	* w32.c (init_environment): Warn about defaulting HOME to C:\.
diff --git a/src/doprnt.c b/src/doprnt.c
index 63dba9f5850..eac1796c496 100644
--- a/src/doprnt.c
+++ b/src/doprnt.c
@@ -198,8 +198,12 @@ doprnt (char *buffer, register size_t bufsize, const char *format,
 		  while (fmt < format_end
 			 && '0' <= fmt[1] && fmt[1] <= '9')
 		    {
-		      if (n >= SIZE_MAX / 10
-			  || n * 10 > SIZE_MAX - (fmt[1] - '0'))
+		      /* Avoid int overflow, because many sprintfs seriously
+			 mess up with widths or precisions greater than
+			 INT_MAX.  Avoid size_t overflow, since our counters
+			 use size_t.  This test is slightly conservative, for
+			 speed and simplicity.  */
+		      if (n >= min (INT_MAX, SIZE_MAX) / 10)
 			error ("Format width or precision too large");
 		      n = n * 10 + fmt[1] - '0';
 		      *string++ = *++fmt;
-- 
2.39.2