From ba88b729c83d4d99e6b9cae861044c67cd95997d Mon Sep 17 00:00:00 2001
From: giraffedata <giraffedata@9d0c8265-081b-0410-96cb-a4ca84ce46f8>
Date: Sat, 7 Oct 2023 20:31:51 +0000
Subject: fix arithmetic overflow

git-svn-id: http://svn.code.sf.net/p/netpbm/code/trunk@4734 9d0c8265-081b-0410-96cb-a4ca84ce46f8
---
 editor/pnmscalefixed.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'editor')

diff --git a/editor/pnmscalefixed.c b/editor/pnmscalefixed.c
index 05d56578..1a89a2e5 100644
--- a/editor/pnmscalefixed.c
+++ b/editor/pnmscalefixed.c
@@ -19,6 +19,7 @@
 **
 */
 
+#include <limits.h>
 #include <math.h>
 
 #include "pm_c_util.h"
@@ -446,6 +447,10 @@ main(int argc, char **argv ) {
        unfilled.  We can address that by stretching, whereas the other
        case would require throwing away some of the input.
     */
+    if (newcols > INT_MAX / SCALE)
+        pm_error("New image width (%d) is uncomputably large", newcols);
+    if (newrows > INT_MAX / SCALE)
+        pm_error("New image height (%d) is uncomputably large", newrows);
     sxscale = SCALE * newcols / cols;
     syscale = SCALE * newrows / rows;
 
-- 
cgit 1.4.1