# HG changeset patch
# User Andreas Schwab <schwab@suse.de>
# Date 1010350009 0
# Node ID 5f4c5a17743ff618baa2f20d34995117a369d65a
# Parent  70727fae4ed241b730e7a50f65bfb0c4b3c8898e
(make_gap_larger): Make sure buffer size does not overflow range of int.

diff -r 70727fae4ed2 -r 5f4c5a17743f src/insdel.c
--- a/src/insdel.c	Sun Jan 06 17:59:09 2002 +0000
+++ b/src/insdel.c	Sun Jan 06 20:46:49 2002 +0000
@@ -533,10 +533,13 @@
 
   /* Don't allow a buffer size that won't fit in an int
      even if it will fit in a Lisp integer.
-     That won't work because so many places use `int'.  */
+     That won't work because so many places use `int'.
+
+     Make sure we don't introduce overflows in the calculation.  */
      
-  if (Z_BYTE - BEG_BYTE + GAP_SIZE + nbytes_added
-      >= MOST_POSITIVE_FIXNUM)
+  if (Z_BYTE - BEG_BYTE + GAP_SIZE
+      >= (((EMACS_INT) 1 << (min (VALBITS, BITS_PER_INT) - 1)) - 1
+	  - nbytes_added))
     error ("Buffer exceeds maximum size");
 
   enlarge_buffer_text (current_buffer, nbytes_added);