Fix oss-fuzz report triggered by GH-15712 commit.

devnexen · devnexen · commit fce3d4f61d55 · 2024-09-16T12:26:48.000+01:00
It triggered allocation overflow which, even fixed, in turn gives memory
leak on 32 bits but the allocator relies on signed integers so instead
of changing `j` type we exit if an overflow during the buffer increase
is going to happen.
diff --git a/Zend/zend_strtod.c b/Zend/zend_strtod.c
@@ -3613,11 +3613,11 @@ rv_alloc(i) int i;
 rv_alloc(int i)
 #endif
 {
-	int k, *r;
+	int j, k, *r;
 
-	size_t j = sizeof(ULong);
+	j = sizeof(ULong);
 	for(k = 0;
-		sizeof(Bigint) - sizeof(ULong) - sizeof(int) + j <= (size_t)i;
+		j <= (INT_MAX >> 1) && sizeof(Bigint) - sizeof(ULong) - sizeof(int) + j <= (size_t)i;
 		j <<= 1)
 			k++;
 	r = (int*)Balloc(k);
