http://bugs.winehq.org/show_bug.cgi?id=22815
--- Comment #6 from Dmitry Timoshkov dmitry@codeweavers.com 2010-05-24 03:56:23 --- Created an attachment (id=28227) --> (http://bugs.winehq.org/attachment.cgi?id=28227) Use the whole allocated DIB memory as an image size
I think it's a bug in the application. Previously it was hidden by larger bitmap allocation based on a larger reported font height. The application accesses last byte in the DIB image, and the DIB fault handler doesn't detect that, because it doesn't find the fault address inside the DIB section. But actually that byte *is* inside of the allocated DIB region because DIB memory is allocated using 64k granularity.
Moreever, DIB fault handler does have a check that the address is behind the image size, and supposed to issue a warning in that case, but that check is unreachable for some reason, probably the code was changed at some point.
Attached patch makes the application work.