From d2796d06d3b1c21694a14cc40f03b41d4501a09c Mon Sep 17 00:00:00 2001
From: "Andrey A. Chernov" <ache@FreeBSD.org>
Date: Tue, 9 Mar 2010 21:06:01 +0000
Subject: [PATCH] Add SIZE_MAX overflow check

---
 usr.bin/uniq/uniq.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/usr.bin/uniq/uniq.c b/usr.bin/uniq/uniq.c
index 5416b0b07f6c..605bd00580ac 100644
--- a/usr.bin/uniq/uniq.c
+++ b/usr.bin/uniq/uniq.c
@@ -196,6 +196,8 @@ convert(const char *str)
 
 	if ((n = mbstowcs(NULL, str, 0)) == (size_t)-1)
 		return (NULL);
+	if (SIZE_MAX / sizeof(*buf) < n + 1)
+		errx(1, "conversion buffer length overflow");
 	if ((buf = malloc((n + 1) * sizeof(*buf))) == NULL)
 		err(1, "malloc");
 	if (mbstowcs(buf, str, n + 1) != n)