help with coverity spotted problem in region.c::CreatePolyPolygonRgn

James McKenzie jjmckenzie51 at earthlink.net
Sat Jan 24 07:23:12 CST 2009


Marcus Meissner wrote:
> Hi,
>
> Coverity says something about array indices in CreatePolyPolygonRgn
> and I see some code that looks bad:
>
>     if (((nbpolygons == 1) && ((*Count == 4) ||
>        ((*Count == 5) && (Pts[4].x == Pts[0].x) && (Pts[4].y == Pts[0].y))) &&
>         (((Pts[0].y == Pts[1].y) &&
>           (Pts[1].x == Pts[2].x) &&
>           (Pts[2].y == Pts[3].y) &&
>           (Pts[3].x == Pts[0].x)) ||
>          ((Pts[0].x == Pts[1].x) &&
>           (Pts[1].y == Pts[2].y) &&
>           (Pts[2].x == Pts[3].x) &&
>           (Pts[3].y == Pts[0].y)))))
>
> The braces seem to be mismatched, so that even for
> *Count==4 it dereferences Pts[4].
>
> But I cannot really make sense of the Count==5 version either, 
> it seems broken too. Pts[4] is compared to Pts[0] points, but then
> again the 4 point polygon is compared.
>
> Anyone? git blame says it's from Alexandre in 1998 ...
>
>   
Marcus:

At first look, there appears to be an extra set of parentheses in
this.  Remove the first left and last right.

James McKenzie
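
Added example, not part of the thread and not Wine's code: the quoted condition copied with its parentheses unchanged into a function, with every Pts[i] read routed through a helper that records the highest index touched, so the grouping can be checked by running it. POINT_T, pt(), check() and the sample polygons are constructed for this illustration.

```c
#include <stdio.h>

typedef struct { int x, y; } POINT_T;   /* stand-in for the POINT type (assumption) */

/* Constructed sample polygons. */
static const POINT_T RECT4[4] = {{0,0},{10,0},{10,5},{0,5}};
static const POINT_T RECT5[5] = {{0,0},{10,0},{10,5},{0,5},{0,0}};
static const POINT_T OPEN5[5] = {{0,0},{10,0},{10,5},{0,5},{7,7}};

static int max_index_read = -1;         /* highest Pts[] index read by the last test */

/* Return Pts[i] and remember the index, so a read past the array shows up. */
static POINT_T pt(const POINT_T *Pts, int i)
{
    if (i > max_index_read) max_index_read = i;
    return Pts[i];
}

/* The quoted condition, parenthesised as in the mail, with Pts[i] written as pt(Pts,i). */
static int is_rect(const POINT_T *Pts, const int *Count, int nbpolygons)
{
    max_index_read = -1;
    return (((nbpolygons == 1) && ((*Count == 4) ||
       ((*Count == 5) && (pt(Pts,4).x == pt(Pts,0).x) && (pt(Pts,4).y == pt(Pts,0).y))) &&
        (((pt(Pts,0).y == pt(Pts,1).y) &&
          (pt(Pts,1).x == pt(Pts,2).x) &&
          (pt(Pts,2).y == pt(Pts,3).y) &&
          (pt(Pts,3).x == pt(Pts,0).x)) ||
         ((pt(Pts,0).x == pt(Pts,1).x) &&
          (pt(Pts,1).y == pt(Pts,2).y) &&
          (pt(Pts,2).x == pt(Pts,3).x) &&
          (pt(Pts,3).y == pt(Pts,0).y)))));
}

/* Run the test for a single polygon with the given point count. */
static int check(const POINT_T *Pts, int count) { return is_rect(Pts, &count, 1); }

int main(void)
{
    int r;
    r = check(RECT4, 4); printf("4 points:       rect=%d max index=%d\n", r, max_index_read);
    r = check(RECT5, 5); printf("5 points closed: rect=%d max index=%d\n", r, max_index_read);
    r = check(OPEN5, 5); printf("5 points open:   rect=%d max index=%d\n", r, max_index_read);
    return 0;
}
```

For the 4-point input the highest index read is 3: the `||` after `(*Count == 4)` short-circuits, so the Pts[4] comparisons are evaluated only when *Count is 5.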



