[PATCH 0/1] MR10868: gdi32/uniscribe: Add some out-of-bound checks in shape.c. - Wine-GitLab - list.winehq.org

newer
[PATCH v3 0/2] MR10696: shcore: 0...

[PATCH 0/1] MR10868: gdi32/uniscribe: Add some out-of-bound checks in shape.c.

older
[PATCH v3 0/3] MR10772:...

समीरसिंह Sameer Singh (＠ss141309)

May 11, 2026

6:32 p.m.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=59680 -- https://gitlab.winehq.org/wine/wine/-/merge_requests/10868

Reply

Sign in to reply online Use email software

Show replies by date

समीर सिंह Sameer Singh

May 2026

6:32 p.m.

New subject: [PATCH 1/1] gdi32/uniscribe: Add some out-of-bound checks in shape.c.

From: समीर सिंह Sameer Singh <lumarzeli30@gmail.com> Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=59680 --- dlls/gdi32/uniscribe/shape.c | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/dlls/gdi32/uniscribe/shape.c b/dlls/gdi32/uniscribe/shape.c index 9f67b99c11d..b82144fe84a 100644 --- a/dlls/gdi32/uniscribe/shape.c +++ b/dlls/gdi32/uniscribe/shape.c @@ -3010,11 +3010,12 @@ static void ShapeCharGlyphProp_Arabic( HDC hdc, ScriptCache *psc, SCRIPT_ANALYSI if (k>=0) { for (; k < cChars && pwLogClust[k] == i; k++) - char_index[char_count++] = k; + if (char_count < ARRAY_SIZE(char_index)) + char_index[char_count++] = k; } - isInit = (i == initGlyph || (i+dirR > 0 && i+dirR < cGlyphs && spaces[i+dirR])); - isFinal = (i == finaGlyph || (i+dirL > 0 && i+dirL < cGlyphs && spaces[i+dirL])); + isInit = (i == initGlyph || ((unsigned int)i+dirR < (unsigned int)cGlyphs && spaces[i+dirR])); + isFinal = (i == finaGlyph || ((unsigned int)i+dirL < (unsigned int)cGlyphs && spaces[i+dirL])); if (char_count == 0) continue; @@ -3088,7 +3089,8 @@ static void ShapeCharGlyphProp_Hebrew( HDC hdc, ScriptCache *psc, SCRIPT_ANALYSI if (k>=0) { for (; k < cChars && pwLogClust[k] == i; k++) - char_index[char_count++] = k; + if (char_count < ARRAY_SIZE(char_index)) + char_index[char_count++] = k; } if (char_count == 0) @@ -3134,7 +3136,8 @@ static void ShapeCharGlyphProp_Thai( HDC hdc, ScriptCache *psc, SCRIPT_ANALYSIS if (k>=0) { for (; k < cChars && pwLogClust[k] == i; k++) - char_index[char_count++] = k; + if (char_count < ARRAY_SIZE(char_index)) + char_index[char_count++] = k; } if (i == finaGlyph) @@ -3159,7 +3162,11 @@ static void ShapeCharGlyphProp_Thai( HDC hdc, ScriptCache *psc, SCRIPT_ANALYSIS for (i = 0; i < cGlyphs; i++) { if (!pGlyphProp[i].sva.fClusterStart) - pGlyphProp[i-dirL].sva.uJustification = SCRIPT_JUSTIFY_NONE; + { + unsigned int neighbour = i-dirL; + if (neighbour < (unsigned int)cGlyphs) + pGlyphProp[neighbour].sva.uJustification = SCRIPT_JUSTIFY_NONE; + } } } @@ -3207,7 +3214,8 @@ static void ShapeCharGlyphProp_Tibet( HDC hdc, ScriptCache* psc, SCRIPT_ANALYSIS if (k>=0) { for (; k < cChars && pwLogClust[k] == i; k++) - char_index[char_count++] = k; + if (char_count < ARRAY_SIZE(char_index)) + char_index[char_count++] = k; } if (char_count == 0) @@ -3249,7 +3257,8 @@ static void ShapeCharGlyphProp_BaseIndic( HDC hdc, ScriptCache *psc, SCRIPT_ANAL if (k>=0) { for (; k < cChars && pwLogClust[k] == i; k++) - char_index[char_count++] = k; + if (char_count < ARRAY_SIZE(char_index)) + char_index[char_count++] = k; } if (override_gsub) -- GitLab https://gitlab.winehq.org/wine/wine/-/merge_requests/10868

Reply

Sign in to reply online Use email software

40

Age (days ago)

40

Last active (days ago)

1 comments

2 participants

tags

participants (2)

समीर सिंह Sameer Singh
समीरसिंह Sameer Singh (＠ss141309)