Sam Edwards : gdi32: Prevent another possible buffer overflow in get_glyph_outline.
Alexandre Julliard
julliard at winehq.org
Tue Apr 30 12:51:28 CDT 2013
Module: wine
Branch: master
Commit: 53ec9b3291be1d7a5531aa2a04dbcf6b1fa83b9c
URL: http://source.winehq.org/git/wine.git/?a=commit;h=53ec9b3291be1d7a5531aa2a04dbcf6b1fa83b9c
Author: Sam Edwards <CFSworks at gmail.com>
Date: Tue Apr 30 00:41:47 2013 -0600
gdi32: Prevent another possible buffer overflow in get_glyph_outline.
---
dlls/gdi32/freetype.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/dlls/gdi32/freetype.c b/dlls/gdi32/freetype.c
index fec752a..5b3c138 100644
--- a/dlls/gdi32/freetype.c
+++ b/dlls/gdi32/freetype.c
@@ -6362,9 +6362,10 @@ static DWORD get_glyph_outline(GdiFont *incoming_font, UINT glyph, UINT format,
y_shift = height - (src_height / vmul);
dst += x_shift + y_shift * ( pitch / 4 );
- while ( src_height )
+ height = min( height, src_height / vmul );
+ while ( height-- )
{
- for ( x = 0; x < src_width / hmul; x++ )
+ for ( x = 0; x < width && x < src_width / hmul; x++ )
{
if ( rgb )
{
More information about the wine-cvs
mailing list