From 211b8685d3f288192df15c0ea6f2495eb07f80e2 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Bodo=20M=C3=B6ller?= <bodo@openssl.org>
Date: Wed, 20 Feb 2002 11:58:17 +0000
Subject: [PATCH] bugfix: allocate sufficiently large buffer

Submitted by: Nils Larsch
---
 crypto/ec/ec_mult.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
index f14f8d88ed..4e409d07bf 100644
--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
@@ -233,7 +233,7 @@ int EC_POINTs_mul(const EC_GROUP *group, EC_POINT *r, const BIGNUM *scalar,
 
 	wsize = OPENSSL_malloc(totalnum * sizeof wsize[0]);
 	wNAF_len = OPENSSL_malloc(totalnum * sizeof wNAF_len[0]);
-	wNAF = OPENSSL_malloc(totalnum * sizeof wNAF[0] + 1);
+	wNAF = OPENSSL_malloc((totalnum + 1) * sizeof wNAF[0]);
 	if (wNAF != NULL)
 		{
 		wNAF[0] = NULL; /* preliminary pivot */
-- 
2.25.1