CVE-2021-35942: Integer Overflow in glibc wordexp() w_addword Function

CVE-2021-35942 is an integer overflow vulnerability in the wordexp() function in glibc 2.33. The w_addword() function performs unchecked addition of user-controllable fields (we_wordc and we_offs) before using the result in a size calculation for memory allocation. When these fields sum to values close to SIZE_MAX, the addition overflows, causing a much smaller buffer to be allocated than expected. Subsequent write operations then overflow the heap.