From d5cec1f1f055316c353cfa15ad8d5eb0952d50a0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=3D=3FUTF-8=3Fq=3FDundar=3D20G=3DC3=3DB6c=3F=3D?=
 <gocdundar@gmail.com>
Date: Sat, 29 Jan 2022 15:19:23 +0000
Subject: patch 8.2.4255: theoretical computation overflow

Problem:    Theoretical computation overflow.
Solution:   Perform multiplication in a wider type. (closes #9657)
---
 src/ex_docmd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/ex_docmd.c')

diff --git a/src/ex_docmd.c b/src/ex_docmd.c
index aa91539270..c55b34ddb6 100644
--- a/src/ex_docmd.c
+++ b/src/ex_docmd.c
@@ -4738,7 +4738,7 @@ replace_makeprg(exarg_T *eap, char_u *p, char_u **cmdlinep)
 	    while ((pos = (char_u *)strstr((char *)pos + 2, "$*")) != NULL)
 		++i;
 	    len = (int)STRLEN(p);
-	    new_cmdline = alloc(STRLEN(program) + i * (len - 2) + 1);
+	    new_cmdline = alloc(STRLEN(program) + (size_t)i * (len - 2) + 1);
 	    if (new_cmdline == NULL)
 		return NULL;			// out of memory
 	    ptr = new_cmdline;
-- 
cgit v1.2.3