From: Tony Cook <tony@develop-help.com>
Date: Mon, 7 Jan 2019 11:54:04 +0000 (+1100)
Subject: hopefully avoid coverity complaining about a float vs int comparison
X-Git-Tag: v1.009~7
X-Git-Url: http://git.imager.perl.org/imager.git/commitdiff_plain/a2c2d400b6fef6203f99578cd6c230d071fc0684?ds=sidebyside

hopefully avoid coverity complaining about a float vs int comparison
---

diff --git a/Changes b/Changes
index 4ee4a8be..ec1ffd9d 100644
--- a/Changes
+++ b/Changes
@@ -118,6 +118,9 @@ Lower severity (according to Coverity):
  - i_img_info() (C API) no longer tries to handle a NULL image object
    pointer.  CID 185298.
 
+ - re-work testing for size_t overflow for circle/random
+   super-sampling for fountain fills.  CID 185304.
+
 [1] The first two build submissions ended up at the end of a ~400
 build queue, and seemed to have been cancelled by Coverity.  A build
 submitted on NYE went through in minutes.
diff --git a/filters.im b/filters.im
index 51f2d100..7c23a5a5 100644
--- a/filters.im
+++ b/filters.im
@@ -1972,11 +1972,13 @@ fount_init_state(struct fount_state *state, double xa, double ya,
   case i_fts_random:
   case i_fts_circle:
     ssample_param = floor(0.5+ssample_param);
-    bytes = sizeof(i_fcolor) * ssample_param;
-    if (bytes / sizeof(i_fcolor) == ssample_param) {
-      state->ssample_data = mymalloc(sizeof(i_fcolor) * ssample_param);
+    if (im_size_t_max / sizeof(i_fcolor) > ssample_param) {
+      bytes = sizeof(i_fcolor) * ssample_param;
+      state->ssample_data = mymalloc(bytes);
     }
     else {
+      dIMCTX;
+      im_log((aIMCTX, 1,"size_t overflow calculating super-sample array size for random or circl"));
       super_sample = i_fts_none;
     }
     break;
diff --git a/imageri.h b/imageri.h
index 2848bcfc..14d1d23c 100644
--- a/imageri.h
+++ b/imageri.h
@@ -143,4 +143,6 @@ typedef struct im_context_tag {
 
 #define DEF_BYTES_LIMIT 0x40000000
 
+#define im_size_t_max (~(size_t)0)
+
 #endif