review.tizen.org Git - platform/upstream/pixman.git/commit

author	Søren Sandmann Pedersen <ssp@redhat.com>
	Wed, 21 Dec 2011 13:19:05 +0000 (08:19 -0500)
committer	Søren Sandmann Pedersen <ssp@redhat.com>
	Mon, 9 Jan 2012 10:40:33 +0000 (05:40 -0500)
commit	33ac0a9084aabd0e47fb1c9e5638eafc809c52cb
tree	3ce54b09db9feb21322f0c4d1d7df9e89cc8449b	tree \| snapshot
parent	d788f762788c2178970ff0ff2cb6e0097171cc3c	commit \| diff

Fix a bunch of signed overflow issues

In pixman-fast-path.c: (1 << 31) - 1 causes a signed overflow, so
change to (1U << n) - 1.

In pixman-image.c: The check for whether m10 == -m01 will overflow
when -m01 == INT_MIN. Instead just check whether the variables are 1
and -1.

In pixman-utils.c: When the depth of the topmost channel is 0, we can
end up shifting by 32.

In blitters-test.c: Replicating the mask would end up shifting more
than 32.

In region-contains-test.c: Computing the average of two large integers
could overflow. Instead add half the difference between them to the
first integer.

In stress-test.c: Masking the value in fake_reader() would sometimes
shift by 32. Instead just use the most significant bits instead of
the least significant.

All these issues were found by the IOC tool:

http://embed.cs.utah.edu/ioc/

pixman/pixman-fast-path.c		diff \| blob \| history
pixman/pixman-image.c		diff \| blob \| history
pixman/pixman-utils.c		diff \| blob \| history
test/blitters-test.c		diff \| blob \| history
test/region-contains-test.c		diff \| blob \| history
test/stress-test.c		diff \| blob \| history