From 1f0b08755c394bb04d8ed7afe34359a134d45abc Mon Sep 17 00:00:00 2001
From: "Halvor M. Nilsen" <Halvor.M.Nilsen@sintef.no>
Date: Wed, 19 Oct 2011 07:35:37 +0000
Subject: [PATCH] bska fixed integer overflow in malloc call
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Bård Skaflestad <Bard.Skaflestad@sintef.no>
---
 sparsetable.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/sparsetable.c b/sparsetable.c
index cb301469..9ef36bab 100644
--- a/sparsetable.c
+++ b/sparsetable.c
@@ -51,6 +51,7 @@ void free_sparse_table (sparse_table_t *tab)
 
 sparse_table_t *malloc_sparse_table(int m, int n, int datasz)
 {
+  size_t alloc_sz;
   sparse_table_t *tab = malloc(sizeof *tab);
   tab->m = m; 
   tab->n = n;
@@ -61,8 +62,9 @@ sparse_table_t *malloc_sparse_table(int m, int n, int datasz)
     return NULL;
   }
   
-  
-  if(!(tab->data = malloc(n * datasz))){
+  alloc_sz  = datasz;
+  alloc_sz *= n;
+  if(!(tab->data = malloc(alloc_sz))){
     fprintf(stderr, "Could not allocate space for sparse data(%d)\n", n);
     free_sparse_table(tab);
     return NULL;