Fix Crash: Loading Huge Images.

When loading huge images (30k) blender crashed with a buffer overflow.
The reason is that determine the length of a buffer was done in 32bit
precision and afterwards stored in 64 bit precision.

This patch adds a new function to do the correct calculation in 64bit.
It should be added to other sections in blender as well. But that should
be tested on a per case situation.

source/blender/imbuf/IMB_imbuf.h

@@ -200,6 +200,17 @@ bool addzbuffloatImBuf(struct ImBuf *ibuf);
  */
 size_t IMB_get_size_in_memory(struct ImBuf *ibuf);
 
+/**
+ * \brief Get the length of the rect of the given image buffer in terms of pixels.
+ *
+ * This is the width * the height of the image buffer.
+ * This function is preferred over `ibuf->x * ibuf->y` due to overflow issues when
+ * working with large resolution images (30kx30k).
+ *
+ * \attention Defined in allocimbuf.c
+ */
+size_t IMB_get_rect_len(const struct ImBuf *ibuf);
+
 /**
  *
  * \attention Defined in rectop.c

source/blender/imbuf/intern/allocimbuf.c

@@ -663,6 +663,11 @@ ImBuf *IMB_dupImBuf(const ImBuf *ibuf1)
   return ibuf2;
 }
 
+size_t IMB_get_rect_len(const ImBuf *ibuf)
+{
+  return (size_t)ibuf->x * (size_t)ibuf->y;
+}
+
 size_t IMB_get_size_in_memory(ImBuf *ibuf)
 {
   int a;

source/blender/imbuf/intern/scaling.c

@@ -911,7 +911,7 @@ static ImBuf *scaledownx(struct ImBuf *ibuf, int newx)
 {
   const int do_rect = (ibuf->rect != NULL);
   const int do_float = (ibuf->rect_float != NULL);
-  const size_t rect_size = ibuf->x * ibuf->y * 4;
+  const size_t rect_size = IMB_get_rect_len(ibuf) * 4;
 
   uchar *rect, *_newrect, *newrect;
   float *rectf, *_newrectf, *newrectf;
@@ -1052,7 +1052,7 @@ static ImBuf *scaledowny(struct ImBuf *ibuf, int newy)
 {
   const int do_rect = (ibuf->rect != NULL);
   const int do_float = (ibuf->rect_float != NULL);
-  const size_t rect_size = ibuf->x * ibuf->y * 4;
+  const size_t rect_size = IMB_get_rect_len(ibuf) * 4;
 
   uchar *rect, *_newrect, *newrect;
   float *rectf, *_newrectf, *newrectf;