From 63916ee8d170e1f33adbc13a97a7f83392749903 Mon Sep 17 00:00:00 2001
From: helixhorned <helixhorned@1a8010ca-5511-0410-912e-c29ae57300e0>
Date: Sat, 16 Aug 2014 18:32:47 +0000
Subject: [PATCH] Mapster32: fix possible integer overflow in loopinside().

This could happen when building outside the "classic" grid limits and would
then lead to e.g. incorrect loop assignment on sector splitting. Bug reported
by MetHy.

git-svn-id: https://svn.eduke32.com/eduke32@4572 1a8010ca-5511-0410-912e-c29ae57300e0
---
 polymer/eduke32/build/src/build.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/polymer/eduke32/build/src/build.c b/polymer/eduke32/build/src/build.c
index 7b736c7ba..182fec3e4 100644
--- a/polymer/eduke32/build/src/build.c
+++ b/polymer/eduke32/build/src/build.c
@@ -8854,7 +8854,7 @@ int32_t loopinside(int32_t x, int32_t y, int16_t startwall)
             }
 
             if (y1 <= y && y < y2)
-                if (x1*(y-y2)+x2*(y1-y) <= x*(y1-y2))
+                if ((uint64_t)x1*(y-y2) + (uint64_t)x2*(y1-y) <= (uint64_t)x*(y1-y2))
                     cnt ^= 1;
         }