From 7506becc0ac70915050e097d673e7647b99347fc Mon Sep 17 00:00:00 2001
From: Greg Hudson
Date: Thu, 20 Dec 2012 14:20:37 -0500
Subject: [PATCH] Fix signed overflow check in k5_ucs2s_to_utf8s

Signed overflow must be checked before it happens, since modern versions of gcc will optimize out checks of the result. Reported by Nickolai Zeldovich .

ticket: 7511
---
 src/util/support/utf8_conv.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/util/support/utf8_conv.c b/src/util/support/utf8_conv.c
index 6e7c5880d7..d580bbc93c 100644
--- a/src/util/support/utf8_conv.c
+++ b/src/util/support/utf8_conv.c
@@ -276,10 +276,8 @@ k5_ucs2s_to_utf8s(char *utf8str, const krb5_ucs2 *ucs2str,
 #endif
 n = krb5int_ucs2_to_utf8(ch, NULL);
- if (n < 1)
+ if (n < 1 || n > INT_MAX - len)
 return -1;
- if (len + n < len)
- return -1; /* overflow */
 len += n;
 }
-- 
2.47.2
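Review bot: The merged condition `if (n < 1 || n > INT_MAX - len)` drops the old `/* overflow */` marker, so nothing in the code explains why the bound is tested before the addition. A later cleanup could put back the `len + n < len` form, which the compiler is entitled to delete because signed overflow is undefined. I would add a comment above the test such as `/* Check before adding: signed overflow is undefined, so a test on the sum can be optimized away. */`. The rewritten check also relies on two things the hunk does not show: that `len` is a non-negative `int` (otherwise `INT_MAX - len` can itself overflow) and that `<limits.h>` is reachable for `INT_MAX`. Both are worth confirming against the declarations at the top of `k5_ucs2s_to_utf8s`, whose body begins and ends outside this hunk.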