From 1e20010cd70edd4c26bbc6ce48c57bf36b064aeb Mon Sep 17 00:00:00 2001
From: XScreenSaver owners <xscreensaver-owner@fedoraproject.org>
Date: Fri, 1 Sep 2023 17:30:50 +0900
Subject: [PATCH 1/2] make_ximage: avoid integer overflow on left shift

gcc -fsanitize=undefined shows the following undefined behavior:

../../hacks/ximage-loader.c:176:29: runtime error: left shift of 255 by 24 places cannot be represented in type 'int'
../../hacks/ximage-loader.c:169:29: runtime error: left shift of 255 by 24 places cannot be represented in type 'int'

This is because of integral promotion from guchar to int, not to unsigned int.

To avoid this error, cast to unsigned long type.
---
 hacks/ximage-loader.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hacks/ximage-loader.c b/hacks/ximage-loader.c
index a3f6eb0..152ad9f 100644
--- a/hacks/ximage-loader.c
+++ b/hacks/ximage-loader.c
@@ -159,21 +159,21 @@ make_ximage (Display *dpy, Visual *visual, const char *filename,
             unsigned long rgba = 0;
             switch (chan) {
             case 1:
-              rgba = ((0xFF << 24) |
+              rgba = ((0xFFUL << 24) |
                       (*i   << 16) |
                       (*i   <<  8) |
                        *i);
               i++;
               break;
             case 3:
-              rgba = ((0xFF << 24) |
+              rgba = ((0xFFUL << 24) |
                       (i[2] << 16) |
                       (i[1] <<  8) |
                       i[0]);
               i += 3;
               break;
             case 4:
-              rgba = ((i[3] << 24) |
+              rgba = ((((unsigned long)i[3]) << 24) |
                       (i[2] << 16) |
                       (i[1] <<  8) |
                       i[0]);
-- 
2.41.0