Fix for a divide by zero that can be triggered by a malicious client.

Problem reported by Derek Abdine of rapid7.com. Thanks.

fb/fbtrap.c

@@ -117,6 +117,9 @@ fbRasterizeTrapezoid (PicturePtr    pPicture,
     RenderEdge	l, r;
     xFixed	t, b;
     
+    if (!xTrapezoidValid (trap))
+	return;
+
     fbGetDrawable (pPicture->pDrawable, buf, stride, bpp, pxoff, pyoff);
 
     width = pPicture->pDrawable->width;

render/renderedge.c

@@ -143,6 +143,7 @@ RenderEdgeInit (RenderEdge	*e,
     dx = x_bot - x_top;
     dy = y_bot - y_top;
     e->dy = dy;
+    e->dx = 0;
     if (dy)
     {
 	if (dx >= 0)