wined3d: fix size of buffer in swapchain_create_context_for_thread()
Dan Kegel
dank at kegel.com
Mon May 31 00:09:55 CDT 2010
While testing Battlefield: Bad Company 2, I saw a glibc memory corruption error,
so I ran with +heap,+relay,+d3d. That showed
err:heap:HEAP_ValidateInUseArena Heap 0x110000: block 0x13ef80 tail
overwritten at 0x13ef85 (byte 0/11 == 0x40)
Inspection of code before the block in question was allocated led me
to the lines
dlls/wined3d/swapchain.c:972:
newArray = HeapAlloc(GetProcessHeap(), 0, sizeof(*newArray) *
This->num_contexts + 1);
...
newArray[This->num_contexts] = ctx;
which seem to be missing some parentheses.
Sure enough, the attached patch got rid of the heap error.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: swapchain.patch
Type: text/x-patch
Size: 622 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-patches/attachments/20100531/97fba39d/attachment.bin>
More information about the wine-patches
mailing list