[cairo] [PATCH] scan-converter: Explicitly cast to int when flooring

[Bryce Harrington]

The code in question is attempting to do x*a/b, however for sufficiently
large x and a, this can exceed integer limits; the code accounts for
this by casting x*a to a long long.  However, when then assigning this
value to our quorem value this results in an implicit cast to int, which
valgrind flags as an 'invalid write'.

Signed-off-by: Bryce Harrington <bryce at osg.samsung.com>
---
 src/cairo-botor-scan-converter.c    | 4 ++--
 src/cairo-clip-tor-scan-converter.c | 4 ++--
 src/cairo-mono-scan-converter.c     | 4 ++--
 src/cairo-tor22-scan-converter.c    | 4 ++--
 4 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/src/cairo-botor-scan-converter.c b/src/cairo-botor-scan-converter.c
index 515305b..b76d2fa 100644
--- a/src/cairo-botor-scan-converter.c
+++ b/src/cairo-botor-scan-converter.c
@@ -199,8 +199,8 @@ floored_muldivrem(int x, int a, int b)
 {
     struct quorem qr;
     long long xa = (long long)x*a;
-    qr.quo = xa/b;
-    qr.rem = xa%b;
+    qr.quo = (int32_t)(xa/b);
+    qr.rem = (int32_t)(xa%b);
     if ((xa>=0) != (b>=0) && qr.rem) {
 	qr.quo--;
 	qr.rem += b;
diff --git a/src/cairo-clip-tor-scan-converter.c b/src/cairo-clip-tor-scan-converter.c
index e32a5a9..ac581da 100644
--- a/src/cairo-clip-tor-scan-converter.c
+++ b/src/cairo-clip-tor-scan-converter.c
@@ -439,8 +439,8 @@ floored_muldivrem(int x, int a, int b)
 {
     struct quorem qr;
     long long xa = (long long)x*a;
-    qr.quo = xa/b;
-    qr.rem = xa%b;
+    qr.quo = (int32_t)(xa/b);
+    qr.rem = (int32_t)(xa%b);
     if ((xa>=0) != (b>=0) && qr.rem) {
 	qr.quo -= 1;
 	qr.rem += b;
diff --git a/src/cairo-mono-scan-converter.c b/src/cairo-mono-scan-converter.c
index 2a9546c..1040cad 100644
--- a/src/cairo-mono-scan-converter.c
+++ b/src/cairo-mono-scan-converter.c
@@ -107,8 +107,8 @@ floored_muldivrem(int x, int a, int b)
 {
     struct quorem qr;
     long long xa = (long long)x*a;
-    qr.quo = xa/b;
-    qr.rem = xa%b;
+    qr.quo = (int32_t)(xa/b);
+    qr.rem = (int32_t)(xa%b);
     if ((xa>=0) != (b>=0) && qr.rem) {
 	qr.quo -= 1;
 	qr.rem += b;
diff --git a/src/cairo-tor22-scan-converter.c b/src/cairo-tor22-scan-converter.c
index 4cec5ee..e7f72cd 100644
--- a/src/cairo-tor22-scan-converter.c
+++ b/src/cairo-tor22-scan-converter.c
@@ -478,8 +478,8 @@ floored_muldivrem(int x, int a, int b)
 {
     struct quorem qr;
     long long xa = (long long)x*a;
-    qr.quo = xa/b;
-    qr.rem = xa%b;
+    qr.quo = (int32_t)(xa/b);
+    qr.rem = (int32_t)(xa%b);
     if ((xa>=0) != (b>=0) && qr.rem) {
 	qr.quo -= 1;
 	qr.rem += b;
-- 
1.9.1