From 91ee466c8ad2edcaa680f124a28949930fb44271 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert@cs.ucla.edu>
Date: Tue, 30 Jul 2024 08:32:55 -0700
Subject: [PATCH] Fix unlikely overflow in transform.c

* src/transform.c (_single_transform_name_to_obstack):
Use xinmalloc to check for integer overflow.
---
 src/transform.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/transform.c b/src/transform.c
index 6cb13480..33a0f3cb 100644
--- a/src/transform.c
+++ b/src/transform.c
@@ -458,7 +458,6 @@ run_case_conv (enum case_ctl_type case_ctl, char *ptr, size_t size)
 static void
 _single_transform_name_to_obstack (struct transform *tf, char *input)
 {
-  regmatch_t *rmp;
   int rc;
   size_t nmatches = 0;
   enum case_ctl_type case_ctl = ctl_stop,  /* Current case conversion op */
@@ -472,7 +471,7 @@ _single_transform_name_to_obstack (struct transform *tf, char *input)
                               save_ctl = ctl_stop;            \
 			    }
 
-  rmp = xmalloc ((tf->regex.re_nsub + 1) * sizeof (*rmp));
+  regmatch_t *rmp = xinmalloc (tf->regex.re_nsub + 1, sizeof *rmp);
 
   while (*input)
     {
-- 
2.47.2