From d21015e34af125d6cc2e4d1200e5ca3c76b8de42 Mon Sep 17 00:00:00 2001
From: JL2210
Date: Thu, 9 Apr 2020 09:46:58 -0400
Subject: [PATCH] Fix use of zero-allocated memory

It's possible that the unsigned integer may overflow to zero, and then we might use zero-allocated memory. This is incredibly unlikely, and I would even go so far as to say that this is a false positive. Fix it anyway, to silence this warning:

src/link/patch.c:92:24: warning: Use of zero-allocated memory
stack.buf[stack.size] = value;
~~~~~~~~~~~~~~~~~~~~~ ^

Deal with overflow, and check for zero to get rid of the warning.

Signed-off-by: JL2210
---
 src/link/patch.c | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/link/patch.c b/src/link/patch.c
index d9f56cea..5492b5f4 100644
--- a/src/link/patch.c
+++ b/src/link/patch.c
@@ -82,10 +82,18 @@ static inline void clearRPNStack(void)
 static void pushRPN(int32_t value)
 {
 if (stack.size >= stack.capacity) {
- stack.capacity *= 2;
+ static const size_t increase_factor = 2;
+
+ if (stack.capacity > SIZE_MAX / increase_factor)
+ err(1, "Overflow in RPN stack resize");
+
+ stack.capacity *= increase_factor;
 stack.buf = realloc(stack.buf, sizeof(*stack.buf) * stack.capacity);
- if (!stack.buf)
+ // || !stack.capacity to fix bogus
+ // zero-size allocation warning from
+ // scan-build, already caught above
+ if (!stack.buf || !stack.capacity)
 err(1, "Failed to resize RPN stack");
 }