From 7d0416f4018103f95c4f06daabe60769310ffa6e Mon Sep 17 00:00:00 2001
From: Dmitry Stogov <dmitry@zend.com>
Date: Fri, 5 Sep 2014 16:13:06 +0400
Subject: [PATCH] Fixed overflow check

---
 Zend/zend_arena.h | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/Zend/zend_arena.h b/Zend/zend_arena.h
index 12c5db6dbe..8988eb4ab5 100644
--- a/Zend/zend_arena.h
+++ b/Zend/zend_arena.h
@@ -80,10 +80,13 @@ static zend_always_inline void* zend_arena_alloc(zend_arena **arena_ptr, size_t
 
 static zend_always_inline void* zend_arena_calloc(zend_arena **arena_ptr, size_t count, size_t unit_size)
 {
-	size_t size = unit_size * count;
+	zend_long overflow;
+	double d;
+	size_t size;
 	void *ret;
 
-	ZEND_ASSERT(size >= unit_size && size >= count);
+	ZEND_SIGNED_MULTIPLY_LONG(unit_size, count, size, d, overflow);
+	ZEND_ASSERT(overflow == 0);
 	ret = zend_arena_alloc(arena_ptr, size);
 	memset(ret, 0, size);
 	return ret;
-- 
2.50.1