Details
- Bug
- Resolution: Done
- Not Evaluated
- 4.8.5
- None
- c4d8734c504cf0f313245befa34501e7314b4cd1 343df131f7207d65932c6505769aa2fb7fc04713
Description
Depending on memory layout and input data, you can have an access violation in the function qt_scale_image_16bit, since the while loop iterates past the bounds of the input buffer. The problem is in computing iy.
This value is derived by casting a float to int, so it should be a lower bound, which is fine, since otherwise we would go out of bounds reading input data. But the float itself can be an upper bound, so iy might lead to this faulting state:
(iy * targetRect.height()) > (65536*srcRect.height()) !!
meaning that, depending on other input values, we could iterate past the input bounds. Actually, the fix consists of decrementing iy by one in the above case.
I think the issue might also affect the latest releases, since the source code looks the same.
Attached is a small program showing the access violation exception on the wce platform.
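The faulting state described in the report can be reproduced in isolation. The following is an added example, not Qt source and not the reporter's attached program: it models only a 16.16 fixed-point step derived from a single-precision ratio, and the function names and the sizes 386 and 3 are constructed for illustration.

```cpp
#include <cstdint>
#include <cstdio>

// Added illustration (hypothetical helper names, not Qt code).

// Step as the report describes it: a float quotient truncated to int.
// volatile keeps every intermediate in single precision.
int step_from_float(int srcH, int dstH) {
    volatile float sy = static_cast<float>(dstH) / static_cast<float>(srcH);
    volatile float q = 65536.0f / sy;   // float result may round upward
    return static_cast<int>(q);         // truncation of an already rounded value
}

// The faulting state from the report:
//   iy * targetRect.height() > 65536 * srcRect.height()
// evaluated in 64 bits so the products cannot overflow.
bool overshoots(int iy, int srcH, int dstH) {
    return static_cast<std::int64_t>(iy) * dstH > 65536LL * srcH;
}

// The fix proposed in the report: decrement iy by one in that case.
int corrected_step(int iy, int srcH, int dstH) {
    return overshoots(iy, srcH, dstH) ? iy - 1 : iy;
}

// Reference value computed without floating point: floor(65536 * srcH / dstH).
int exact_step(int srcH, int dstH) {
    return static_cast<int>(65536LL * srcH / dstH);
}

int main() {
    const int srcH = 386, dstH = 3;     // constructed sizes
    const int iy = step_from_float(srcH, dstH);
    const int fixed = corrected_step(iy, srcH, dstH);
    std::printf("float step %d, exact %d, overshoots %d\n",
                iy, exact_step(srcH, dstH), overshoots(iy, srcH, dstH));
    std::printf("corrected step %d, overshoots %d\n",
                fixed, overshoots(fixed, srcH, dstH));
    return 0;
}
```

For these sizes the exact quotient is 8432298.67; at that magnitude single-precision values are spaced 1 apart, so the float result is already 8432299 before the cast to int.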