bug-coreutils

FYI: fix stack overflow in pr


From: Jim Meyering
Subject: FYI: fix stack overflow in pr
Date: Thu, 10 Mar 2005 10:43:00 +0100

FYI, I found that making pr use a very long date string in its
header would overflow the stack:

2005-03-10  Jim Meyering  <address@hidden>

        Don't segfault for a long header date string, e.g.,
        echo a|pr -D +%9999999A
        * src/pr.c (init_header): Use x2nrealloc, rather than alloca.
        Don't bother with fixed-sized initial buffer;  always use x*alloc.

Index: src/pr.c
===================================================================
RCS file: /fetish/cu/src/pr.c,v
retrieving revision 1.128
retrieving revision 1.129
diff -u -p -u -r1.128 -r1.129
--- src/pr.c    10 Mar 2005 07:58:34 -0000      1.128
+++ src/pr.c    10 Mar 2005 08:51:49 -0000      1.129
@@ -1657,8 +1657,7 @@ print_files (int number_of_files, char *
 static void
 init_header (char *filename, int desc)
 {
-  char *buf;
-  char initbuf[MAX (256, INT_BUFSIZE_BOUND (long int))];
+  char *buf = NULL;
   struct stat st;
   struct tm *tm;
 
@@ -1668,25 +1667,27 @@ init_header (char *filename, int desc)
   if (desc < 0 || fstat (desc, &st) != 0)
     st.st_mtime = time (NULL);
 
-  buf = initbuf;
   tm = localtime (&st.st_mtime);
-  if (! tm)
-    sprintf (buf, "%ld", (long int) st.st_mtime);
+  if (tm == NULL)
+    {
+      buf = xmalloc (INT_BUFSIZE_BOUND (long int));
+      sprintf (buf, "%ld", (long int) st.st_mtime);
+    }
   else
     {
-      size_t bufsize = sizeof initbuf;
+      size_t bufsize = 0;
       for (;;)
        {
+         buf = x2nrealloc (buf, &bufsize, sizeof *buf);
          *buf = '\1';
-         if (strftime (buf, bufsize, date_format, tm) || ! *buf)
+         if (strftime (buf, bufsize, date_format, tm) || *buf == '\0')
            break;
-         buf = alloca (bufsize *= 2);
        }
     }
 
   if (date_text)
     free (date_text);
-  date_text = xstrdup (buf);
+  date_text = buf;
   file_text = custom_header ? custom_header : desc < 0 ? "" : filename;
   header_width_available = (chars_per_line
                            - mbswidth (date_text, 0)
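Review bot: The `*buf = '\1'` sentinel in the new loop is undocumented and rests on an assumption ISO C does not make: when strftime returns 0 because the buffer is too small, the array contents are indeterminate, so a library that happens to leave a NUL in `buf[0]` would end the loop with an empty date instead of growing the buffer. A comment above the assignment would make that dependency visible, e.g. `/* strftime returns 0 for both "too small" and "empty result"; a nonzero first byte afterwards means too small.  */`. The buffer size is driven by the user-supplied `date_format` with no upper bound, so the same comment could state that termination on a huge format presumably relies on x2nrealloc exiting on allocation failure rather than on a cap. `date_text = buf;` now hands ownership of the heap buffer to `date_text` where the old code copied it, which merits a one-line note as well; init_header starts in the previous hunk and continues past the end of this one.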



