[Bug 24249] Firestarter Demo crashes with page fault on read access on start
wine-bugs at winehq.org
wine-bugs at winehq.org
Fri Sep 3 10:22:32 CDT 2010
http://bugs.winehq.org/show_bug.cgi?id=24249
--- Comment #3 from Henri Verbeet <hverbeet at gmail.com> 2010-09-03 10:22:32 CDT ---
(In reply to comment #2)
> There might be another problem when WINED3DTSS_FORCE_DWORD is triggered (e.g.
> Type == 0). So it could happen that there is also an access violation on read
> access.
Yeah, something like the following should work:
if (Type >= sizeof(tss_lookup) / sizeof(*tss_lookup)) Type = 0;
l = &tss_lookup[Type];
if (l->state == WINED3DTSS_FORCE_DWORD)
{
*pValue = 0;
return D3D_OK;
}
Note that there are some more places with constructions like this, at the very
least IDirect3DDevice8Impl_SetTextureStageState(). We probably don't want a
test for this though, I think it's accessing beyond the end of the array on
native as well, it's just that native probably doesn't have the extra level of
indirection.
--
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.
More information about the wine-bugs
mailing list