From 246a828c262eda553420c8b861c2a01cd89af74a Mon Sep 17 00:00:00 2001
From: wm4 <wm4@nowhere>
Date: Sun, 20 May 2018 13:38:54 +0200
Subject: m_config: check for int16_t offset overflow

For some reason shadow_offset is a int16_t variable (to save some space
or something), which means the static part of the entire option list
must be below 32KB. This is fine, but still add a check against
overflows. (Currently it's 3.6KB. This does not include dynamic
allocations like strings.)
---
 options/m_config.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/options/m_config.c b/options/m_config.c
index 2f63cf5363..aa0018314d 100644
--- a/options/m_config.c
+++ b/options/m_config.c
@@ -525,7 +525,9 @@ static void m_config_add_option(struct m_config *config,
             // The required alignment is unknown, so go with the maximum C
             // could require. Slightly wasteful, but not that much.
             int align = (size - config->shadow_size % size) % size;
-            co.shadow_offset = config->shadow_size + align;
+            int offset = config->shadow_size + align;
+            assert(offset <= INT16_MAX);
+            co.shadow_offset = offset;
             config->shadow_size = co.shadow_offset + size;
         }
 
-- 
cgit v1.2.3