From 96a49a1d9c771b1f7f29e8021abbb49c59f9b9a7 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Mon, 3 Feb 2014 16:48:01 -0800
Subject: [PATCH] yaml_stack_extend: guard against integer overflow

---
 src/api.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/api.c b/src/api.c
index b0afd1f..e793b08 100644
--- a/src/api.c
+++ b/src/api.c
@@ -118,7 +118,12 @@ yaml_string_join(
 YAML_DECLARE(int)
 yaml_stack_extend(void **start, void **top, void **end)
 {
-    void *new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
+    void *new_start;
+
+    if ((char *)*end - (char *)*start >= INT_MAX / 2)
+	return 0;
+
+    new_start = yaml_realloc(*start, ((char *)*end - (char *)*start)*2);
 
     if (!new_start) return 0;
 
-- 
2.45.0