
djvulibre-3.5.28-1.1.mga8.src.rpm

From: "Barak A. Pearlmutter" <barak+git@pearlmutter.net>
Date: Mon, 10 May 2021 15:48:53 +0100
Subject: djvulibre-fedora Patch9 djvulibre-3.5.27-interger-overflow.patch

---
 tools/ddjvu.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tools/ddjvu.cpp b/tools/ddjvu.cpp
index 7109952..2f3e0f9 100644
--- a/tools/ddjvu.cpp
+++ b/tools/ddjvu.cpp
@@ -70,6 +70,7 @@
 #include <locale.h>
 #include <fcntl.h>
 #include <errno.h>
+#include <stdint.h>
 
 #ifdef UNIX
 # include <sys/time.h>
@@ -394,7 +395,9 @@ render(ddjvu_page_t *page, int pageno)
     rowsize = rrect.w;
   else
     rowsize = rrect.w * 3; 
-  if (! (image = (char*)malloc(rowsize * rrect.h)))
+  if ((size_t)rowsize > SIZE_MAX / rrect.h)
+    die(i18n("Integer overflow when allocating image buffer for page %d"), pageno);
+  if (! (image = (char*)malloc((size_t)rowsize * rrect.h)))
     die(i18n("Cannot allocate image buffer for page %d"), pageno);
 
   /* Render */
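Review bot: The new guard `(size_t)rowsize > SIZE_MAX / rrect.h` divides by `rrect.h` without ruling out zero, so a page that yields a zero-height render rectangle would hit a division by zero instead of a clean `die()`. The guard should read `if (rrect.h == 0 || (size_t)rowsize > SIZE_MAX / rrect.h)`. Separately, `rowsize = rrect.w * 3` on the context line above is still evaluated before the check. If `rowsize` and `rrect.w` are 32-bit (their declarations are outside this hunk, so this is an assumption to confirm), a large width from a crafted document could wrap there to a small value that passes the new test and leaves the buffer undersized for the renderer. Computing the row size in `size_t` with its own bound, e.g. `if (rrect.w > SIZE_MAX / 3) die(...)` before the multiply, would close that gap. The body of `render()` starts and ends outside the hunk, so how `rowsize` is later passed to the render call could not be checked here.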