From 3a507b4e39aaccca2511ff77e8318693a77ca54b Mon Sep 17 00:00:00 2001
From: Zoey Greer
Date: Mon, 8 Dec 2014 16:38:38 -0500
Subject: [PATCH] Bounds-check after arithmetic is complete double_to_size can return std::numeric_limitsmax(), so we cannot add 1 to the return value of double_to_size. That addition should be done while still working with a double, as can be seen being done on line 850 of this file. This was uncovered by Coverity, and addresses Coverity issues CID13443 and CID12664
---
 include/boost/unordered/detail/table.hpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/boost/unordered/detail/table.hpp b/include/boost/unordered/detail/table.hpp
index 172739e3..b356ca22 100644
--- a/include/boost/unordered/detail/table.hpp
+++ b/include/boost/unordered/detail/table.hpp
@@ -343,7 +343,7 @@ namespace boost { namespace unordered { namespace detail {
 return policy::new_bucket_count(
 boost::unordered::detail::double_to_size(floor(
 static_cast(size) /
- static_cast(mlf_))) + 1);
+ static_cast(mlf_)) + 1));
 }
 ////////////////////////////////////////////////////////////////////////
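Review bot: Nothing at the relocated `+ 1` inside the `double_to_size(...)` argument records why the addition has to stay in floating point, so a later tidy-up could move it back outside the conversion and reintroduce the wrap to 0 that was being handed to `policy::new_bucket_count` as a bucket count. I would add a comment above the `return`, for example `// Add 1 before converting: double_to_size can return the size_t maximum, so adding afterwards can wrap to 0.` (the saturation is stated in the commit message; the definition of `double_to_size` is not in this hunk). Separately, once the quotient reaches about 2^53 a `+ 1` on a double can be absorbed by rounding, so the result is presumably no longer strictly greater than the quotient there; that looks harmless if `new_bucket_count` rounds up, but it is worth confirming. The enclosing function starts before the hunk.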