GNOME.org
 

[gdk-pixbuf] Avoid undefined behavior

commit ed3cadc0c5417257c9a10f519defbb8fe957ed12
Author: Dhiru Kholia <dhiru kholia gmail com>
Date:   Wed Sep 7 05:42:00 2016 +0000

    Avoid undefined behavior
    
    Doing overflow checks with signed integers invokes undefined
    behavior and induces modern compilers to omit the checks altogether.
    Avoid this by doing the overflow check with unsigned integers.
    
    https://bugzilla.gnome.org/show_bug.cgi?id=770986

 gdk-pixbuf/gdk-pixbuf.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)
---
diff --git a/gdk-pixbuf/gdk-pixbuf.c b/gdk-pixbuf/gdk-pixbuf.c
index 0f6d69e..6bfaafb 100644
--- a/gdk-pixbuf/gdk-pixbuf.c
+++ b/gdk-pixbuf/gdk-pixbuf.c
@@ -444,8 +444,8 @@ gdk_pixbuf_new (GdkColorspace colorspace,
                 int           height)
 {
        guchar *buf;
-       int channels;
-       int rowstride;
+       unsigned int channels;
+       unsigned int rowstride;
 
        g_return_val_if_fail (colorspace == GDK_COLORSPACE_RGB, NULL);
        g_return_val_if_fail (bits_per_sample == 8, NULL);
@@ -453,7 +453,7 @@ gdk_pixbuf_new (GdkColorspace colorspace,
        g_return_val_if_fail (height > 0, NULL);
 
        channels = has_alpha ? 4 : 3;
-        rowstride = width * channels;
+        rowstride = (unsigned) width * channels;
         if (rowstride / channels != width || rowstride + 3 < 0) /* overflow */
                 return NULL;
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]