From b1257a799213c5437a377f30dbc88459eeeb057c Mon Sep 17 00:00:00 2001
From: Peter Johnson <peter@tortall.net>
Date: Mon, 19 Nov 2001 06:31:41 +0000
Subject: [PATCH] Bugfix in expr_copy_except(): could allocate less than 2
 terms of space (eg, actually smaller than the structure).

svn path=/trunk/yasm/; revision=350
---
 libyasm/expr.c | 2 +-
 src/expr.c     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/libyasm/expr.c b/libyasm/expr.c
index 0ca5f0a2..230bc186 100644
--- a/libyasm/expr.c
+++ b/libyasm/expr.c
@@ -631,7 +631,7 @@ expr_copy_except(const expr *e, int except)
     if (!e)
 	return 0;
 
-    n = xmalloc(sizeof(expr)+sizeof(ExprItem)*(e->numterms-2));
+    n = xmalloc(sizeof(expr)+sizeof(ExprItem)*(e->numterms<2?0:e->numterms-2));
 
     n->op = e->op;
     n->filename = e->filename;
diff --git a/src/expr.c b/src/expr.c
index 0ca5f0a2..230bc186 100644
--- a/src/expr.c
+++ b/src/expr.c
@@ -631,7 +631,7 @@ expr_copy_except(const expr *e, int except)
     if (!e)
 	return 0;
 
-    n = xmalloc(sizeof(expr)+sizeof(ExprItem)*(e->numterms-2));
+    n = xmalloc(sizeof(expr)+sizeof(ExprItem)*(e->numterms<2?0:e->numterms-2));
 
     n->op = e->op;
     n->filename = e->filename;
-- 
2.40.0