[PATCH 1/2] dwrite: Fix invalid read when building zero length text layout (Valgrind)

Nikolay Sivov nsivov at codeweavers.com
Mon Jun 13 08:38:27 CDT 2016


Signed-off-by: Nikolay Sivov <nsivov at codeweavers.com>
---
 dlls/dwrite/layout.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/dlls/dwrite/layout.c b/dlls/dwrite/layout.c
index b95023f..3fcf07a 100644
--- a/dlls/dwrite/layout.c
+++ b/dlls/dwrite/layout.c
@@ -727,7 +727,7 @@ static HRESULT layout_compute_runs(struct dwrite_textlayout *layout)
     free_layout_runs(layout);
 
     /* Cluster data arrays are allocated once, assuming one text position per cluster. */
-    if (!layout->clustermetrics) {
+    if (!layout->clustermetrics && layout->len) {
         layout->clustermetrics = heap_alloc(layout->len*sizeof(*layout->clustermetrics));
         layout->clusters = heap_alloc(layout->len*sizeof(*layout->clusters));
         if (!layout->clustermetrics || !layout->clusters) {
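Review bot: The comment above the changed condition no longer states the full contract. With the added `&& layout->len` test, a zero-length layout leaves `clustermetrics` and `clusters` NULL instead of pointing at a zero-byte allocation. Every reader of those arrays then has to be gated on the cluster count, and the only such guard visible in this patch is the `clusters[0].run` read in layout_compute_effective_runs. I would extend the comment, e.g. `/* Cluster data arrays are allocated once, assuming one text position per cluster. Zero-length text allocates nothing, so both arrays stay NULL. */`. layout_compute_runs starts before and continues past this hunk, so whether later code in it indexes the arrays unconditionally cannot be confirmed from here.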
@@ -1694,12 +1694,13 @@ static HRESULT layout_compute_effective_runs(struct dwrite_textlayout *layout)
     layout->metrics.lineCount = 0;
     origin_x = is_rtl ? layout->metrics.layoutWidth : 0.0f;
     line = 0;
-    run = layout->clusters[0].run;
     memset(&metrics, 0, sizeof(metrics));
 
     layout_splitting_params_from_pos(layout, 0, &params);
     prev_params = params;
 
+    if (layout->cluster_count)
+        run = layout->clusters[0].run;
     for (i = 0, start = 0, textpos = 0, width = 0.0f; i < layout->cluster_count; i++) {
         BOOL overflow;
 
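Review bot: `run` is now left unassigned when `layout->cluster_count` is zero, which replaces the invalid heap read with a possibly indeterminate local if anything after the loop reads it. Its declaration and the rest of layout_compute_effective_runs are outside the hunk, so that is unconfirmed. Assuming `run` is a pointer, giving it a defined value on both paths is cheap: `run = layout->cluster_count ? layout->clusters[0].run : NULL;`. A later misuse would then fail predictably rather than depend on stack contents, and compilers would have no reason to warn about a maybe-uninitialized variable.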
-- 
2.8.1



