diff --git a/patch-delta.c b/patch-delta.c
index e02e13bd4eb2a92626c2d6f9cbf264abb15de9c5..56e0a5ede22c9396fc897bf1d3444dce92d8916f 100644 (file)
--- a/patch-delta.c
+++ b/patch-delta.c
/* now the result size */
size = get_delta_hdr_size(&data, top);
- dst_buf = xmalloc(size + 1);
- dst_buf[size] = 0;
+ dst_buf = xmallocz(size);
out = dst_buf;
while (data < top) {
if (cmd & 0x20) cp_size |= (*data++ << 8);
if (cmd & 0x40) cp_size |= (*data++ << 16);
if (cp_size == 0) cp_size = 0x10000;
- if (cp_off + cp_size < cp_size ||
+ if (unsigned_add_overflows(cp_off, cp_size) ||
cp_off + cp_size > src_size ||
cp_size > size)
break;