From c94d83ccab15d5ef02f88d42dce38ed3f0892882 Mon Sep 17 00:00:00 2001
From: Kim Woelders <kim@woelders.dk>
Date: Wed, 6 Apr 2016 17:42:17 +0200
Subject: [PATCH] Fix potential divide-by-zero in imlib_image_draw_ellipse().

Attempting to draw a 2x1 ellipse with e.g. imlib_image_draw_ellipse(x, y, 2, 1)
causes a divide-by-zero.
It seems happy enough to draw 1x1, 1x2 and 2x2, but not 2x1.

Patch by Simon Lees.

https://bugs.debian.org/639414
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
---
 src/lib/ellipse.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/src/lib/ellipse.c b/src/lib/ellipse.c
index cd90268..ddb410b 100644
--- a/src/lib/ellipse.c
+++ b/src/lib/ellipse.c
@@ -71,6 +71,9 @@ __imlib_Ellipse_DrawToData(int xc, int yc, int a, int b, DATA32 color,
         if (IN_RANGE(rx, by, clw, clh))
            pfunc(color, bp + len);
 
+        if (dx < 1)
+           dx = 1;
+
         dy += b2;
         yy -= ((dy << 16) / dx);
         lx--;
@@ -123,6 +126,9 @@ __imlib_Ellipse_DrawToData(int xc, int yc, int a, int b, DATA32 color,
         if (IN_RANGE(rx, by, clw, clh))
            pfunc(color, bp + len);
 
+        if (dy < 1)
+           dy = 1;
+
         dx -= a2;
         xx += ((dx << 16) / dy);
         ty++;
@@ -222,6 +228,9 @@ __imlib_Ellipse_DrawToData_AA(int xc, int yc, int a, int b, DATA32 color,
         if (IN_RANGE(rx, by, clw, clh))
            pfunc(col1, bp + len);
 
+        if (dx < 1)
+           dx = 1;
+
         dy += b2;
         yy -= ((dy << 16) / dx);
         lx--;
@@ -295,6 +304,9 @@ __imlib_Ellipse_DrawToData_AA(int xc, int yc, int a, int b, DATA32 color,
         if (IN_RANGE(rx, by, clw, clh))
            pfunc(col1, bp + len);
 
+        if (dy < 1)
+           dy = 1;
+
         dx -= a2;
         xx += ((dx << 16) / dy);
         ty++;
@@ -395,6 +407,9 @@ __imlib_Ellipse_FillToData(int xc, int yc, int a, int b, DATA32 color,
         if (IN_RANGE(rx, by, clw, clh))
            pfunc(color, bp + len);
 
+        if (dx < 1)
+           dx = 1;
+
         dy += b2;
         yy -= ((dy << 16) / dx);
         lx--;
@@ -453,6 +468,9 @@ __imlib_Ellipse_FillToData(int xc, int yc, int a, int b, DATA32 color,
         if (((unsigned)by < (unsigned)clh) && (len > 0))
            sfunc(color, bpp, len);
 
+        if (dy < 1)
+           dy = 1;
+
         dx -= a2;
         xx += ((dx << 16) / dy);
         ty++;
@@ -556,6 +574,9 @@ __imlib_Ellipse_FillToData_AA(int xc, int yc, int a, int b, DATA32 color,
         if (IN_RANGE(rx, by, clw, clh))
            pfunc(col1, bp + len);
 
+        if (dx < 1)
+           dx = 1;
+
         dy += b2;
         yy -= ((dy << 16) / dx);
         lx--;
@@ -629,6 +650,9 @@ __imlib_Ellipse_FillToData_AA(int xc, int yc, int a, int b, DATA32 color,
         if (IN_RANGE(rx, by, clw, clh))
            pfunc(col1, bp + len);
 
+        if (dy < 1)
+           dy = 1;
+
         dx -= a2;
         xx += ((dx << 16) / dy);
         ty++;
-- 
2.7.3