malloc.3: Note that calloc() detects overflow when multiplying its arguments

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>

man3/malloc.3

@@ -107,6 +107,23 @@ returns either NULL,
 .\" glibc does this:
 or a unique pointer value that can later be successfully passed to
 .BR free ().
+If the multiplication of
+.I nmemb
+and
+.I size
+would result in integer overflow, then
+.BR calloc ()
+returns an error.
+By contrast,
+an integer overflow would not be detected in the following call to
+.BR malloc (),
+with the result that an incorrectly sized block of memory would be allocated:
+.PP
+.in +4n
+.EX
+malloc(nmemb * size);
+.EE
+.in
 .PP
 The
 .BR realloc ()