From 85bb38216c09bcf77739c087753d6b80e21323db Mon Sep 17 00:00:00 2001
From: zhailiangliang <zhailiangliang@loongson.cn>
Date: Fri, 18 Aug 2023 09:37:26 +0800
Subject: [PATCH] fix runtime error: signed integer overflow in file
 src/bmp.imageio/bmpinput.cpp:302

Signed-off-by: zhailiangliang <zhailiangliang@loongson.cn>
---
 src/bmp.imageio/bmpinput.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/bmp.imageio/bmpinput.cpp b/src/bmp.imageio/bmpinput.cpp
index 96fb7c2501..19d8f1bf9d 100644
--- a/src/bmp.imageio/bmpinput.cpp
+++ b/src/bmp.imageio/bmpinput.cpp
@@ -299,7 +299,7 @@ BmpInput::read_rle_image()
     int rletype = m_dib_header.compression == RLE4_COMPRESSION ? 4 : 8;
     m_spec.attribute("compression", rletype == 4 ? "rle4" : "rle8");
     m_uncompressed.clear();
-    m_uncompressed.resize(m_spec.height * m_spec.width);
+    m_uncompressed.resize(m_spec.image_pixels());
     // Note: the clear+resize zeroes out the buffer
     bool ok = true;
     int y = 0, x = 0;