```
$ src/od -w0 /bin/ls
Aborted
```

```
1835    if (s_err != LONGINT_OK || w_tmp <= 0)
1836        xstrtol_fatal (s_err, oi, c, long_options, optarg);
```

We confirmed that when the argument for -w is set to 0, the program correctly handles the case by checking whether w_tmp is less than or equal to zero and raises an appropriate exception.

```
$ src/od -w4294967299223422228333 /bin/ls
od: -w argument '4294967299223422228333' too large
```

```
1837    if (ckd_add (&desired_width, w_tmp, 0))
1838    error (EXIT_FAILURE, 0, _("%s is too large"), quote (optarg));
```

We also observed that when the -w argument is extremely large, the program handles the case properly through the use of ckd_add to prevent unsafe allocation.

```
$ src/od -w429496729922348 /bin/ls
=================================================================
==1151683==ERROR: AddressSanitizer: requested allocation size 0x30d400009d658 (0x30d400009e658 after adjustments for alignment, red zones etc.) exceeds maximum supported size of 0x10000000000 (thread T0)
    #0 0x49c843 in __interceptor_realloc (coreutils/src/od+0x49c843)
    #1 0x4dd99d in xreallocarray coreutils/lib/xmalloc.c:84:13
    #2 0x4dd99d in xnmalloc coreutils/lib/xmalloc.c:102:10
    #3 0x7f30f39c7d8f in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16

==1151683==HINT: if you don't care about these errors you may set allocator_may_return_null=1
SUMMARY: AddressSanitizer: allocation-size-too-big (coreutils/src/od+0x49c843) in __interceptor_realloc
==1151683==ABORTING
```

However, for certain specific values of -w, these two checks can be bypassed, resulting in the program attempting to allocate an excessively large amount of memory.

```
1427 dump (void)
1428 {
1429   char *block[2];
1430   uintmax_t current_offset;
1431   bool idx = false;
1432   bool ok = true;
1433   size_t n_bytes_read;
1434
1435   block[0] = xnmalloc (2, bytes_per_block);
```

This happens because the parsed -w value is passed to bytes_per_block, which is then used in a call to xnmalloc, leading to potentially dangerous memory allocation.

To mitigate this issue, we suggest adding a proper argument validation check to handle such edge cases safely.

Build options
```
git clone https://github.com/coreutils/coreutils
export GNULIB_SRCDIR=./gnulib
export FORCE_UNSAFE_CONFIGURE=1
./bootstrap
CC="clang -g -fsanitize=address" CXX="clang -g -fsanitize=address" ./configure $CONFIG_OPTIONS
make -j
```

Program version
```
$ src/od --version
od (GNU coreutils) 9.7.52-b7db77
Copyright (C) 2025 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by Jim Meyering.
```