commit c47948bd4775c533eb3e0a948b2b814cdb740aab
from: Stefan Sperling <stsp@stsp.name>
via: Thomas Adam <thomas@xteddy.org>
date: Wed Nov 24 03:14:31 2021 UTC

sync files from diff.git f1dbec24f9a9553e22659f6c592c91e96221f6b9

commit - 30dc9e5ba7bc4ee91b4e52213b811db8d785fa08
commit + c47948bd4775c533eb3e0a948b2b814cdb740aab
blob - 09e07bf366400bc6bbc7e18eba214c253d078cd7
blob + c886d1a285863fa2148b2b295b733d08fe7c9040
--- lib/diff_myers.c
+++ lib/diff_myers.c
@@ -1098,6 +1098,7 @@ diff_algo_myers(const struct diff_algo_config *algo_co
 	size_t kd_state_size = kd_buf_size * sizeof(int);
 	debug("state size: %zu\n", kd_state_size);
 	if (kd_buf_size < kd_len /* overflow? */
+	    || (SIZE_MAX / kd_len ) < kd_len
 	    || kd_state_size > algo_config->permitted_state_size) {
 		debug("state size %zu > permitted_state_size %zu, use fallback_algo\n",
 		      kd_state_size, algo_config->permitted_state_size);