From 42663854c4351a6db1fa8c9f88d27fcd26b1f7e4 Mon Sep 17 00:00:00 2001
From: Colin Leroy-Mira <colin@colino.net>
Date: Thu, 16 Nov 2023 22:31:53 +0100
Subject: [PATCH] Fix theorical integer overflows

---
 camlibs/quicktake1x0/qtkn-decoder.c | 4 ++--
 camlibs/quicktake1x0/qtkt-decoder.c | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/camlibs/quicktake1x0/qtkn-decoder.c b/camlibs/quicktake1x0/qtkn-decoder.c
index f32b1560c..4d3c0700d 100644
--- a/camlibs/quicktake1x0/qtkn-decoder.c
+++ b/camlibs/quicktake1x0/qtkn-decoder.c
@@ -72,13 +72,13 @@ int qtkn_decode(unsigned char *raw, int width, int height, unsigned char **out)
 
 	len = qtk_ppm_size(width, height);
 
-	tmp = malloc(width * height * sizeof(unsigned short));
+	tmp = malloc((size_t)width * (size_t)height * sizeof(unsigned short));
 	if (tmp == NULL) {
 		free(header);
 		return GP_ERROR_NO_MEMORY;
 	}
 
-	tmp_c = malloc(width * height);
+	tmp_c = malloc((size_t)width * (size_t)height);
 	if (tmp_c == NULL) {
 		free(header);
 		free(tmp);
diff --git a/camlibs/quicktake1x0/qtkt-decoder.c b/camlibs/quicktake1x0/qtkt-decoder.c
index 1fd8ab173..cecca10b7 100644
--- a/camlibs/quicktake1x0/qtkt-decoder.c
+++ b/camlibs/quicktake1x0/qtkt-decoder.c
@@ -92,7 +92,7 @@ int qtkt_decode(unsigned char *raw, int width, int height, unsigned char **out)
 		}
 	}
 
-	tmp = malloc((width + 4) * (height + 4));
+	tmp = malloc((size_t)(width + 4) * (size_t)(height + 4));
 	if (tmp == NULL) {
 		free(header);
 		return GP_ERROR_NO_MEMORY;