From 5ce971bdeedc15bbafed747933e5ba1bd4655900 Mon Sep 17 00:00:00 2001
From: Nathan Zimmerberg <39104088+nhz2@users.noreply.github.com>
Date: Mon, 16 Dec 2024 21:45:21 -0500
Subject: [PATCH] Check overflow in `bzalloc` (#38)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* check overflow in bzalloc

* add assert that typemax(Csize_t) ≥ typemax(Cint)

* update CI

* fix julia compat

* Add missing blank line
---
 src/libbzip2.jl | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/libbzip2.jl b/src/libbzip2.jl
index 52ef24b..5736bac 100644
--- a/src/libbzip2.jl
+++ b/src/libbzip2.jl
@@ -21,7 +21,16 @@ mutable struct BZStream
     opaque::Ptr{Cvoid}
 end
 
-bzalloc(::Ptr{Cvoid}, m::Cint, n::Cint) = ccall(:jl_malloc, Ptr{Cvoid}, (Cint,), m*n)
+@assert typemax(Csize_t) ≥ typemax(Cint)
+
+function bzalloc(::Ptr{Cvoid}, m::Cint, n::Cint)::Ptr{Cvoid}
+    s, f = Base.Checked.mul_with_overflow(m, n)
+    if f || signbit(s)
+        C_NULL
+    else
+        ccall(:jl_malloc, Ptr{Cvoid}, (Csize_t,), s%Csize_t)
+    end
+end
 bzfree(::Ptr{Cvoid}, p::Ptr{Cvoid}) = ccall(:jl_free, Cvoid, (Ptr{Cvoid},), p)
 
 function BZStream()