From ba1ea8caeebe9e93a40a5f05d6ff3df2afdc63ab Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Thu, 3 Oct 2019 12:38:15 -0700
Subject: [PATCH] numfmt: avoid unlikely integer overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

* src/numfmt.c (parse_format_string): Report overflow if
pad < -LONG_MAX, since that can’t be negated.
---
 src/numfmt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/numfmt.c b/src/numfmt.c
index 305a886039..c56641cfd6 100644
--- a/src/numfmt.c
+++ b/src/numfmt.c
@@ -1081,7 +1081,7 @@ parse_format_string (char const *fmt)
 
   errno = 0;
   pad = strtol (fmt + i, &endptr, 10);
-  if (errno == ERANGE)
+  if (errno == ERANGE || pad < -LONG_MAX)
     die (EXIT_FAILURE, 0,
          _("invalid format %s (width overflow)"), quote (fmt));
 
-- 
2.47.2