From 94033c98698f9311df88190fad45f190b4b829a8 Mon Sep 17 00:00:00 2001
From: "jan.nijtmans" <nijtmans@users.sourceforge.net>
Date: Tue, 8 Mar 2022 15:23:16 +0000
Subject: Fix [9c7557160]: signed integer overflow in UpdateStringOfByteArray()

---
 generic/tclBinary.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/generic/tclBinary.c b/generic/tclBinary.c
index fdb7f59..1c97728 100644
--- a/generic/tclBinary.c
+++ b/generic/tclBinary.c
@@ -565,14 +565,14 @@ UpdateStringOfByteArray(
     size = length;
     for (i = 0; i < length && size >= 0; i++) {
 	if ((src[i] == 0) || (src[i] > 127)) {
-	    size++;
+	    size = (int)((unsigned int)size + 1U);
 	}
     }
     if (size < 0) {
 	Tcl_Panic("max size for a Tcl value (%d bytes) exceeded", INT_MAX);
     }
 
-    dst = (char *)ckalloc(size + 1);
+    dst = (char *)ckalloc((unsigned int)size + 1U);
     objPtr->bytes = dst;
     objPtr->length = size;
 
-- 
cgit v0.12