[gdk-pixbuf] XBM: Fix signed integer overflow.



commit 7ebedf37abfed653a5b6dcf4d9210270c3e99e46
Author: Tobias Stoeckmann <tobias stoeckmann org>
Date:   Sun Jun 7 19:41:27 2020 +0200

    XBM: Fix signed integer overflow.
    
    Parsing an XBM file with pixel bits larger than int leads to undefined
    behavior (signed integer overflow).
    
    Since only the lowest 8 bits are used, this patched code produces the
    same images as before.
    
    Also do not increment gotone but set it to a value. If more than
    INT_MAX values are parsed, this int would overflow as well.
    
    Proof of Concept (compile with -fsanitize=undefined or -ftrapv):
    
    static unsigned char poc_bits[] = {
    0xFFFFFFFF };

 gdk-pixbuf/io-xbm.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
---
diff --git a/gdk-pixbuf/io-xbm.c b/gdk-pixbuf/io-xbm.c
index 83de5c6da..5bf71e1bf 100644
--- a/gdk-pixbuf/io-xbm.c
+++ b/gdk-pixbuf/io-xbm.c
@@ -133,8 +133,8 @@ next_int (FILE *fstream)
                        /* trim high bits, check type and accumulate */
                        ch &= 0xff;
                        if (g_ascii_isxdigit (ch)) {
-                               value = (value << 4) + g_ascii_xdigit_value (ch);
-                               gotone++;
+                               value = ((value & 0xf) << 4) + g_ascii_xdigit_value (ch);
+                               gotone = 1;
                        } else if ((hex_table[ch]) < 0 && gotone) {
                                done++;
                        }
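Review bot: The new mask in `value = ((value & 0xf) << 4) + g_ascii_xdigit_value (ch);` has no comment explaining why it is safe to drop everything above the low nibble before shifting. The reason (only the lowest 8 bits of the result are used, so the output is unchanged) is given only in the commit message. Please extend the existing comment above `ch &= 0xff;` to say that the accumulator is deliberately held to 8 bits to avoid signed overflow on over-long hex literals, so that a later cleanup does not restore the plain `value << 4`. A smaller style point: `gotone` is now assigned as a flag, while the context line `done++;` still increments. Writing `done = 1;` there would keep the two flags consistent.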

