Commit 0ac3b933 for xz

commit 0ac3b93387c0191919ffa38de5f49f6b28164b35
Author: Lasse Collin <lasse.collin@tukaani.org>
Date:   Wed Mar 25 19:03:00 2026 +0200

    xz: Prevent an integer overflow in --files and --files0

    This requires a filename (or something that pretends to be a filename)
    of at least 2 GiB on a 32-bit platform, and that realloc() to
    SIZE_MAX / 2 + 1 bytes has succeeded.

    Fixes: https://github.com/tukaani-project/xz/pull/218

diff --git a/src/xz/main.c b/src/xz/main.c
index 1b8b3788..8cc3b740 100644
--- a/src/xz/main.c
+++ b/src/xz/main.c
@@ -134,6 +134,16 @@ read_name(const args_info *args)
 		// at least for one character to allow terminating the string
 		// with '\0'.
 		if (pos == size) {
+			// Prevent an integer overflow. This is only possible
+			// if allocating SIZE_MAX / 2 + 1 bytes has already
+			// succeeded.
+			//
+			// Use ENOMEM to for the error message to avoid adding
+			// a translatable string that will (almost) never be
+			// displayed in practice.
+			if (size > SIZE_MAX / 2)
+				message_fatal("%s", strerror(ENOMEM));
+
 			size *= 2;
 			name = xrealloc(name, size);
 		}