ensure: Fix potential overflow of size_t

This could only happen if the maximum SIZE_T is not at least 2 times bigger than INT_MAX. Not sure if this can happen on real systems, but better be safe then sorry.
DaveGamble · Mar 23, 2017 · e58f7ec · e58f7ec
1 parent 4bfb880
commit e58f7ec
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/cJSON.c b/cJSON.c
@@ -270,8 +270,7 @@ static unsigned char* ensure(printbuffer * const p, size_t needed, const interna
     }
 
     /* calculate new buffer size */
-    newsize = needed * 2;
-    if (newsize > INT_MAX)
+    if (newsize > (INT_MAX / 2))
     {
         /* overflow of int, use INT_MAX if possible */
         if (needed <= INT_MAX)
@@ -283,6 +282,10 @@ static unsigned char* ensure(printbuffer * const p, size_t needed, const interna
             return NULL;
         }
     }
+    else
+    {
+        newsize = needed * 2;
+    }
 
     if (hooks->reallocate != NULL)
     {