diff options
author | Dhiru Kholia <dhiru.kholia@gmail.com> | 2016-09-07 05:42:00 +0000 |
---|---|---|
committer | Matthias Clasen <mclasen@redhat.com> | 2016-09-12 23:19:18 -0400 |
commit | ed3cadc0c5417257c9a10f519defbb8fe957ed12 (patch) | |
tree | f66cefe30a01b6f9dd743804202651e9a0bb5553 | |
parent | bed6e350bda61072b7118bc6b49b4e26d33d3567 (diff) | |
download | gdk-pixbuf-ed3cadc0c5417257c9a10f519defbb8fe957ed12.tar.gz |
Avoid undefined behavior
Doing overflow checks with signed integers invokes undefined
behavior and induces modern compilers to omit the checks altogether.
Avoid this by doing the overflow check with unsigned integers.
https://bugzilla.gnome.org/show_bug.cgi?id=770986
-rw-r--r-- | gdk-pixbuf/gdk-pixbuf.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/gdk-pixbuf/gdk-pixbuf.c b/gdk-pixbuf/gdk-pixbuf.c index 0f6d69e23..6bfaafb11 100644 --- a/gdk-pixbuf/gdk-pixbuf.c +++ b/gdk-pixbuf/gdk-pixbuf.c @@ -444,8 +444,8 @@ gdk_pixbuf_new (GdkColorspace colorspace, int height) { guchar *buf; - int channels; - int rowstride; + unsigned int channels; + unsigned int rowstride; g_return_val_if_fail (colorspace == GDK_COLORSPACE_RGB, NULL); g_return_val_if_fail (bits_per_sample == 8, NULL); @@ -453,7 +453,7 @@ gdk_pixbuf_new (GdkColorspace colorspace, g_return_val_if_fail (height > 0, NULL); channels = has_alpha ? 4 : 3; - rowstride = width * channels; + rowstride = (unsigned) width * channels; if (rowstride / channels != width || rowstride + 3 < 0) /* overflow */ return NULL; |