April 23, 2026
2:28 a.m.
Hi, I came across this bug while solving another issue. Steps to reproduce: 1. Open wine notepad 2. Start spamming any character that requires mark_invalid_combinations() in the notepad, such as: َ (0x064e Arabic Fatha) 3. At nearly 41 inserted Fatha, notepad will crash -- v4: gdi32/uniscribe: Resize the buffers if glyph count exceeds limit. gdi32/uniscribe: Perform bounds check in insert_glyph(). gdi32/uniscribe: Fix heap buffer overflow in ScriptStringAnalyse(). https://gitlab.winehq.org/wine/wine/-/merge_requests/10612