The spec says that QOI_OP_DIFF and QOI_OP_LUMA wrap around. However, the reference implementation seems to use signed char for this. But the C standard says that overflow and underflow of signed integers are undefined.
GCC has -fwrapv to allow signed integers overflow and underflow, however, that's not portable.
My own implementation solves this like this: https://git.nil.im/ObjFW/ObjFW/src/commit/b6ec6d21d4997e4aae1030533115103ca5c49466/src/OFQOIImageFormatHandler.m#L131-L175
The spec says that
QOI_OP_DIFFandQOI_OP_LUMAwrap around. However, the reference implementation seems to usesigned charfor this. But the C standard says that overflow and underflow of signed integers are undefined.GCC has
-fwrapvto allow signed integers overflow and underflow, however, that's not portable.My own implementation solves this like this: https://git.nil.im/ObjFW/ObjFW/src/commit/b6ec6d21d4997e4aae1030533115103ca5c49466/src/OFQOIImageFormatHandler.m#L131-L175