Avoid undefined behavior

Doing overflow checks with signed integers invokes undefined behavior and induces modern compilers to omit the checks altogether. Avoid this by doing the overflow check with unsigned integers. https://bugzilla.gnome.org/show_bug.cgi?id=770986
author: Dhiru Kholia <dhiru.kholia@gmail.com> 2016-09-07 05:42:00 +0000
committer: Matthias Clasen <mclasen@redhat.com> 2016-09-12 23:19:18 -0400
commit: ed3cadc0c5417257c9a10f519defbb8fe957ed12 (patch)
tree: f66cefe30a01b6f9dd743804202651e9a0bb5553
parent: bed6e350bda61072b7118bc6b49b4e26d33d3567 (diff)
download: gdk-pixbuf-ed3cadc0c5417257c9a10f519defbb8fe957ed12.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/gdk-pixbuf/gdk-pixbuf.c b/gdk-pixbuf/gdk-pixbuf.c
index 0f6d69e23..6bfaafb11 100644
--- a/gdk-pixbuf/gdk-pixbuf.c
+++ b/gdk-pixbuf/gdk-pixbuf.c
@@ -444,8 +444,8 @@ gdk_pixbuf_new (GdkColorspace colorspace,
                 int           height)
 {
 	guchar *buf;
-	int channels;
-	int rowstride;
+	unsigned int channels;
+	unsigned int rowstride;
 
 	g_return_val_if_fail (colorspace == GDK_COLORSPACE_RGB, NULL);
 	g_return_val_if_fail (bits_per_sample == 8, NULL);
@@ -453,7 +453,7 @@ gdk_pixbuf_new (GdkColorspace colorspace,
 	g_return_val_if_fail (height > 0, NULL);
 
 	channels = has_alpha ? 4 : 3;
-        rowstride = width * channels;
+        rowstride = (unsigned) width * channels;
         if (rowstride / channels != width || rowstride + 3 < 0) /* overflow */
                 return NULL;
author	Dhiru Kholia <dhiru.kholia@gmail.com>	2016-09-07 05:42:00 +0000
committer	Matthias Clasen <mclasen@redhat.com>	2016-09-12 23:19:18 -0400
commit	ed3cadc0c5417257c9a10f519defbb8fe957ed12 (patch)
tree	f66cefe30a01b6f9dd743804202651e9a0bb5553
parent	bed6e350bda61072b7118bc6b49b4e26d33d3567 (diff)
download	gdk-pixbuf-ed3cadc0c5417257c9a10f519defbb8fe957ed12.tar.gz