RICHED20: truncation and elongation fixes
Krzysztof Foltman
wdev at foltman.com
Mon Oct 3 09:32:21 CDT 2005
ChangeLog:
* Remove other potential sources of infinite loops caused by EOF in
the middle of the font and color tables
* Closing brace on text level is treated as EOF (effectively protecting
the control from trash after the end of RTF)
* Removed misleading comment about incomplete buffers (I was definitely
wrong)
Hope it's OK this time - I've tried to run it on some truncated RTF and
it looks like it works. Testing on usual suspects seems to have
confirmed that.
Krzysztof
-------------- next part --------------
Index: reader.c
===================================================================
RCS file: /home/wine/wine/dlls/riched20/reader.c,v
retrieving revision 1.18
diff -u -r1.18 reader.c
--- reader.c 26 Sep 2005 09:53:49 -0000 1.18
+++ reader.c 3 Oct 2005 13:45:25 -0000
@@ -127,13 +127,6 @@
TRACE("\n");
- /* Doc says, that if the last buffer wasn't full, it's EOF.
- Actually, that's not true. */
-/*
- if (stream->dwSize > 0 && stream->dwSize == stream->dwUsed
- && stream->dwSize < sizeof(stream->buffer))
- return EOF;
-*/
if (stream->dwSize <= stream->dwUsed)
{
ME_StreamInFill(stream);
@@ -455,6 +448,10 @@
RTFFuncPtr p;
TRACE("\n");
+ /* don't try to return anything once EOF is reached */
+ if (info->rtfClass == rtfEOF) {
+ return rtfEOF;
+ }
for (;;)
{
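Review bot: The comment on the added guard does not say that it makes rtfEOF a sticky state, which is the property the rest of the patch relies on: the editor.c hunk sets `info->rtfClass = rtfEOF` by hand to stop parsing at the final `}`. I would spell that out, e.g. `/* EOF is sticky: once rtfClass is rtfEOF (end of stream, or forced by the group-end handler) no further input is tokenized */`. The start of the function and the reader's initialisation are outside the hunk, so confirm that rtfClass is reset whenever the info structure is reused for a new stream; otherwise the next read would return rtfEOF at once. The braces here also differ from the unbraced checks added in the other reader.c hunks.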
@@ -885,6 +882,8 @@
for (;;)
{
RTFGetToken (info);
+ if (info->rtfClass == rtfEOF)
+ break;
if (RTFCheckCM (info, rtfGroup, rtfEndGroup))
break;
if (old < 0) /* first entry - determine tbl type */
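Review bot: The new EOF break leaves the loop by the same exit as the normal `}` terminator tested on the next line, so whatever follows the loop now also runs with rtfClass equal to rtfEOF rather than an end-group token. That code is outside the hunk, so it should be checked that it neither panics on a missing entry nor routes the current token onward as if it were the closing brace when the input was truncated. The color-table loop in the `@@ -1055,6 +1062,8 @@` hunk has the same shape. A short comment at both breaks would help, e.g. `/* truncated input: stop; code after the loop must tolerate rtfEOF */`.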
@@ -901,6 +900,8 @@
if (!RTFCheckCM (info, rtfGroup, rtfBeginGroup))
RTFPanic (info, "%s: missing \"{\"", fn);
RTFGetToken (info); /* yes, skip to next token */
+ if (info->rtfClass == rtfEOF)
+ break;
}
fp = New (RTFFont);
if (fp == NULL)
@@ -1002,12 +1003,18 @@
fn,info->rtfTextBuf);
}
RTFGetToken (info);
+ if (info->rtfClass == rtfEOF)
+ break;
}
+ if (info->rtfClass == rtfEOF)
+ break;
if (old == 0) /* need to see "}" here */
{
RTFGetToken (info);
if (!RTFCheckCM (info, rtfGroup, rtfEndGroup))
RTFPanic (info, "%s: missing \"}\"", fn);
+ if (info->rtfClass == rtfEOF)
+ break;
}
/* Apply the real properties of the default font */
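Review bot: In the `old == 0` branch the new EOF check sits after `RTFCheckCM`/`RTFPanic`, so a stream that ends right after a font entry still reaches `RTFPanic (info, "%s: missing \"}\"", fn)` before the break; the other checks added in this patch test rtfClass directly after `RTFGetToken`. Moving the two added lines up, immediately below `RTFGetToken (info);`, would let truncation here end the loop quietly like the other sites. What RTFPanic does is not visible in this hunk, so whether the current order is merely noisy or aborts the parse needs confirming. The two earlier breaks in this hunk also leave the loop with the current font entry only partly filled in; whether that entry is already linked into the font list is outside the hunk.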
@@ -1055,6 +1062,8 @@
for (;;)
{
RTFGetToken (info);
+ if (info->rtfClass == rtfEOF)
+ break;
if (RTFCheckCM (info, rtfGroup, rtfEndGroup))
break;
cp = New (RTFColor);
@@ -1074,6 +1083,8 @@
}
RTFGetToken (info);
}
+ if (info->rtfClass == rtfEOF)
+ break;
if (!RTFCheckCM (info, rtfText, ';'))
RTFPanic (info,"%s: malformed entry", fn);
}
Index: editor.c
===================================================================
RCS file: /home/wine/wine/dlls/riched20/editor.c,v
retrieving revision 1.58
diff -u -r1.58 editor.c
--- editor.c 3 Oct 2005 11:03:48 -0000 1.58
+++ editor.c 3 Oct 2005 13:45:25 -0000
@@ -483,7 +483,12 @@
{
ME_Style *s;
RTFFlushOutputBuffer(info);
+ if (info->stackTop<=1) {
+ info->rtfClass = rtfEOF;
+ return;
+ }
info->stackTop--;
+ assert(info->stackTop >= 0);
if (info->styleChanged)
{
/* FIXME too slow ? how come ? */
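Review bot: The added `assert(info->stackTop >= 0)` can never fire: the guard above returns whenever stackTop is 1 or less, so the value is at least 1 after the decrement, and in NDEBUG builds the assert is compiled out anyway. The `stackTop<=1` test is what actually keeps an unbalanced `}` in untrusted RTF from driving the index negative, so I would drop the assert and comment the guard instead, e.g. `/* closing brace at top level: treat as end of document; also prevents stack underflow on unbalanced input */`. The matching push for `{` is outside this hunk; whether it bounds stackTop against the size of the stack it indexes cannot be seen here and deserves the same check. The function begins before the hunk.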