Matteo Bruni (@Mystral) commented about dlls/d3d10/effect.c:
for (i = 0; i < p->vars_count; ++i) { struct d3d10_ctab_var *v = &p->vars[i]; - memcpy(dst + v->offset, v->v->buffer->u.buffer.local_buffer + v->v->buffer_offset, - v->length * sizeof(*dst)); + size_t size; + + /* Constant table variables are allocated at register granularity. + Corresponding constant buffer variables does not share same alignment, + overall buffer size alignment to 16 bytes also does not help. */ + size = min(v->length * sizeof(*dst), v->v->type->size_unpacked); + memcpy(dst + v->offset, v->v->buffer->u.buffer.local_buffer + v->v->buffer_offset, size);
Double checking I understand this correctly: this fixes a potential out of bounds while *reading from* `local_buffer`? -- https://gitlab.winehq.org/wine/wine/-/merge_requests/7710#note_99992