Handle empty Tight gradient rects

We always assumed there would be one pixel per row so a rect with
a zero width would result in us writing to unknown memory.

This could theoretically be used by a malicious server to inject
code in to the viewer process.

Issue found by Pavel Cheremushkin from Kaspersky Lab.

common/rfb/tightDecode.h

@@ -56,15 +56,17 @@ TightDecoder::FilterGradient24(const rdr::U8 *inbuf,
   int rectWidth = r.width();
 
   for (y = 0; y < rectHeight; y++) {
-    /* First pixel in a row */
+    for (x = 0; x < rectWidth; x++) {
-    for (c = 0; c < 3; c++) {
+      /* First pixel in a row */
-      pix[c] = inbuf[y*rectWidth*3+c] + prevRow[c];
+      if (x == 0) {
-      thisRow[c] = pix[c];
+        for (c = 0; c < 3; c++) {
-    }
+          pix[c] = inbuf[y*rectWidth*3+c] + prevRow[c];
-    pf.bufferFromRGB((rdr::U8*)&outbuf[y*stride], pix, 1);
+          thisRow[c] = pix[c];
+        }
+        pf.bufferFromRGB((rdr::U8*)&outbuf[y*stride], pix, 1);
+        continue;
+      }
 
-    /* Remaining pixels of a row */
-    for (x = 1; x < rectWidth; x++) {
       for (c = 0; c < 3; c++) {
         est[c] = prevRow[x*3+c] + pix[c] - prevRow[(x-1)*3+c];
         if (est[c] > 0xff) {
@@ -103,17 +105,20 @@ void TightDecoder::FilterGradient(const rdr::U8* inbuf,
   int rectWidth = r.width();
 
   for (y = 0; y < rectHeight; y++) {
-    /* First pixel in a row */
+    for (x = 0; x < rectWidth; x++) {
-    pf.rgbFromBuffer(pix, &inbuf[y*rectWidth], 1);
+      /* First pixel in a row */
-    for (c = 0; c < 3; c++)
+      if (x == 0) {
-      pix[c] += prevRow[c];
+        pf.rgbFromBuffer(pix, &inbuf[y*rectWidth], 1);
+        for (c = 0; c < 3; c++)
+          pix[c] += prevRow[c];
 
-    memcpy(thisRow, pix, sizeof(pix));
+        memcpy(thisRow, pix, sizeof(pix));
 
-    pf.bufferFromRGB((rdr::U8*)&outbuf[y*stride], pix, 1);
+        pf.bufferFromRGB((rdr::U8*)&outbuf[y*stride], pix, 1);
+
+        continue;
+      }
 
-    /* Remaining pixels of a row */
-    for (x = 1; x < rectWidth; x++) {
       for (c = 0; c < 3; c++) {
         est[c] = prevRow[x*3+c] + pix[c] - prevRow[(x-1)*3+c];
         if (est[c] > 255) {