[PATCH 1/1] Prevent possible buffer overrun
Nikolay Sivov
bunglehead at gmail.com
Mon Oct 19 14:40:28 CDT 2009
---
dlls/gdi32/font.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/dlls/gdi32/font.c b/dlls/gdi32/font.c
index c81a9c8..ed64166 100644
--- a/dlls/gdi32/font.c
+++ b/dlls/gdi32/font.c
@@ -2596,13 +2596,13 @@ BOOL WINAPI TranslateCharsetInfo(
int index = 0;
switch (flags) {
case TCI_SRCFONTSIG:
- while (!(*lpSrc>>index & 0x0001) && index<MAXTCIINDEX) index++;
+ while (index < MAXTCIINDEX && !(*lpSrc>>index & 0x0001)) index++;
break;
case TCI_SRCCODEPAGE:
- while (PtrToUlong(lpSrc) != FONT_tci[index].ciACP && index < MAXTCIINDEX) index++;
+ while (index < MAXTCIINDEX && PtrToUlong(lpSrc) != FONT_tci[index].ciACP) index++;
break;
case TCI_SRCCHARSET:
- while (PtrToUlong(lpSrc) != FONT_tci[index].ciCharset && index < MAXTCIINDEX) index++;
+ while (index < MAXTCIINDEX && PtrToUlong(lpSrc) != FONT_tci[index].ciCharset) index++;
break;
default:
return FALSE;
--
1.5.6.5
--=-jwW5wzuXXqZRzVeGSy9/--
More information about the wine-patches
mailing list