From 34b5f628df5cc71b3eb30e191bc51dc3936c615e Mon Sep 17 00:00:00 2001
From: Reini Urban <rurban@cpan.org>
Date: Wed, 29 Mar 2017 21:04:28 +0200
Subject: [PATCH] Storable 3.05_11: croak on sizes read > I32_MAX

detected by coverity:
CID 165606 (#2 of 2): Untrusted value as argument (TAINTED_SCALAR)
146. tainted_data: Passing tainted variable size to a tainted sink.

(cherry picked from commit 735d9229a540d05f2d34f46ffea1e68aea9fbbc1)

Conflicts:
	dist/Storable/Storable.pm
---
 dist/Storable/Storable.xs | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/dist/Storable/Storable.xs b/dist/Storable/Storable.xs
index 64eb5743b2eb..e44d7354aa45 100644
--- a/dist/Storable/Storable.xs
+++ b/dist/Storable/Storable.xs
@@ -566,6 +566,8 @@ static stcxt_t *Context_ptr = NULL;
 #define KBUFCHK(x)							\
     STMT_START {							\
         if (x >= ksiz) {                                                \
+            if (x >= I32_MAX)                                           \
+                CROAK(("Too large size > I32_MAX"));                    \
             TRACEME(("** extending kbuf to %d bytes (had %d)",          \
                      (int)(x+1), (int)ksiz));                           \
             Renew(kbuf, x+1, char);                                     \
@@ -5863,8 +5865,7 @@ static SV *retrieve_svundef_elem(pTHX_ stcxt_t *cxt, const char *cname)
  */
 static SV *retrieve_array(pTHX_ stcxt_t *cxt, const char *cname)
 {
-    I32 len;
-    I32 i;
+    I32 len, i;
     AV *av;
     SV *sv;
     HV *stash;