Well, I admit that the check_avail_mul originally did a better job of figuring out if the specified sizes and numbers exceed the available ptrdiff_t type.
However, all the other changes should be correct and should not introduce buffer overruns. Can you give one counterexample? Because, if I recall correctly, in checking the code I found one error in the range checks in the existing code; which got implicitly fixed by the new code. -- Stephen.
