From d95a7f1311578cf37c0889098d32cbcb8964d906 Mon Sep 17 00:00:00 2001
From: Simon Marlow <marlowsd@gmail.com>
Date: Mon, 12 Dec 2011 14:18:30 +0000
Subject: Avoid integer overflow when calling allocGroup() (#5071)

---
 rts/sm/Storage.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'rts/sm')

diff --git a/rts/sm/Storage.c b/rts/sm/Storage.c
index fe7bf435eb..dc887c3147 100644
--- a/rts/sm/Storage.c
+++ b/rts/sm/Storage.c
@@ -627,8 +627,11 @@ allocate (Capability *cap, lnat n)
 
         // Attempting to allocate an object larger than maxHeapSize
         // should definitely be disallowed.  (bug #1791)
-        if (RtsFlags.GcFlags.maxHeapSize > 0 && 
-            req_blocks >= RtsFlags.GcFlags.maxHeapSize) {
+        if ((RtsFlags.GcFlags.maxHeapSize > 0 &&
+             req_blocks >= RtsFlags.GcFlags.maxHeapSize) ||
+            req_blocks >= HS_INT32_MAX)   // avoid overflow when
+                                          // calling allocGroup() below
+        {
             heapOverflow();
             // heapOverflow() doesn't exit (see #2592), but we aren't
             // in a position to do a clean shutdown here: we
-- 
cgit v1.2.1