https://bugs.winehq.org/show_bug.cgi?id=40396
Bug ID: 40396
Summary: Not initialize structure.
Product: Wine
Version: 1.9.6
Hardware: x86
OS: Windows
Status: UNCONFIRMED
Severity: critical
Priority: P2
Component: dwrite
Assignee: wine-bugs@winehq.org
Reporter: blackwingcat2000@gmail.com
When the opentype_get_font_table function fails without initializing font_table, the function crashes.
opentype.c
1118     const TT_OS2_V2 *tt_os2;
1119     const TT_HEAD *tt_head;
1120     const TT_POST *tt_post;
1121     const TT_HHEA *tt_hhea;
1122
1123     memset(metrics, 0, sizeof(*metrics));
1124
1125     opentype_get_font_table(stream, face_type, face_index, MS_OS2_TAG, (const void**)&tt_os2, &os2_context, NULL, NULL);
1126     opentype_get_font_table(stream, face_type, face_index, MS_HEAD_TAG, (const void**)&tt_head, &head_context, NULL, NULL);
1127     opentype_get_font_table(stream, face_type, face_index, MS_POST_TAG, (const void**)&tt_post, &post_context, NULL, NULL);
1128     opentype_get_font_table(stream, face_type, face_index, MS_HHEA_TAG, (const void**)&tt_hhea, &hhea_context, NULL, NULL);

1118     TT_OS2_V2 *tt_os2 = NULL;
1119     TT_HEAD *tt_head = NULL;
1120     TT_POST *tt_post = NULL;
1121     TT_HHEA *tt_hhea = NULL;
Crash on WindowsSDK7-Samples-master\multimedia\DirectWrite\SimpleHelloWorld
--- Comment #1 from blackwingcat2000@gmail.com ---
1224     const TT_OS2_V2 *tt_os2;
1225     const TT_HEAD *tt_head;
1226
1227     opentype_get_font_table(stream, type, index, MS_OS2_TAG, (const void**)&tt_os2, &os2_context, NULL, NULL);
1228     opentype_get_font_table(stream, type, index, MS_HEAD_TAG, (const void**)&tt_head, &head_context, NULL, NULL);
1229

fixed
1224     TT_OS2_V2 *tt_os2 = NULL;
1225     TT_HEAD *tt_head = NULL;

SUB_L6DA67F21:
    push ebp
    push edi
    push esi
    push ebx
    sub esp,0000003Ch
    mov esi,[esp+54h]
    mov ebx,[esp+58h]
    mov edi,[esp+5Ch]
    lea edx,[esp+30h]
    mov dword ptr [esp+1Ch],00000000h
    mov dword ptr [esp+18h],00000000h
    lea eax,[esp+38h]
    mov [esp+14h],eax
    mov [esp+10h],edx
    mov dword ptr [esp+0Ch],322F534Fh
    mov [esp+08h],ebx
    mov [esp+04h],esi
    mov eax,[esp+50h]
    mov [esp],eax
    call SUB_L6DA67739
    lea edx,[esp+2Ch]
    mov dword ptr [esp+1Ch],00000000h
    mov dword ptr [esp+18h],00000000h
    lea eax,[esp+34h]
    mov [esp+14h],eax
    mov [esp+10h],edx
    mov dword ptr [esp+0Ch],64616568h
    mov [esp+08h],ebx
    mov [esp+04h],esi
    mov eax,[esp+50h]
    mov [esp],eax
    call SUB_L6DA67739
    mov dword ptr [edi+04h],00000005h
    mov dword ptr [edi+08h],00000190h
    mov dword ptr [edi],00000000h
    lea esi,[edi+0Ch]
    mov dword ptr [edi+0Ch],00000000h
    mov dword ptr [esi+04h],00000000h
    mov word ptr [esi+08h],0000h
    mov edx,[esp+30h]
    test edx,edx
    jz L6DA6812D
    movzx ebx,[edx]
    movzx eax,[edx+3Eh]
    rol ax,08h
    movzx ebp,ax
    movzx ecx,[edx+04h]
    rol cx,08h
    movzx eax,[edx+06h]
    rol ax,08h
    cmp ax,0009h
    ja L6DA6800D
    movzx eax,ax
    mov [edi+04h],eax
L6DA6800D:
    lea eax,[ecx-01h]
    cmp ax,0008h
    ja L6DA68026
    movzx eax,cx
    lea eax,[eax+eax*4]
    lea eax,[eax+eax*4]
    lea ecx,[00000000h+eax*4]
L6DA68026:
    cmp cx,03B6h
    ja L6DA680C7
    movzx eax,cx
    mov [edi+08h],eax
    rol bx,08h
    cmp bx,0003h
    jbe L6DA680DC
L6DA68045:
    test ebp,00000200h
    jz L6DA680DC
    mov dword ptr [edi],00000001h
L6DA68057:
    mov edx,[esp+30h]
    add edx,00000020h
    mov eax,[edx]          <- Crash
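The failure mode described in the report and in comment #1, as an added C example that is not Wine's code and not part of the bug thread. The names `get_table`, `after_lookup` and `font_weight` are hypothetical and the font data is constructed; only the 'OS/2' tag constant is taken from the disassembly above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TAG_OS2 0x322F534Fu   /* 'OS/2', the constant pushed in the disassembly */
struct table_entry { uint32_t tag; const void *data; };
struct font { const struct table_entry *entries; size_t count; };
struct os2_table { uint16_t version; uint16_t weight; };

/* Constructed sample data: one font with an OS/2 table, one with no tables. */
static const struct os2_table sample_os2 = { 4, 700 };
static const struct table_entry with_os2[] = { { TAG_OS2, &sample_os2 } };
static const struct font font_ok = { with_os2, 1 };
static const struct font font_no_os2 = { NULL, 0 };

/* Hypothetical lookup helper. On failure it returns -1 and does NOT write
 * *out, which is the behaviour the report describes for the real helper. */
static int get_table(const struct font *f, uint32_t tag, const void **out)
{
    for (size_t i = 0; i < f->count; i++)
        if (f->entries[i].tag == tag) { *out = f->entries[i].data; return 0; }
    return -1;
}

/* What the caller's pointer holds after the lookup if it started as `initial`.
 * A stale non-NULL address models an uninitialized stack slot without UB. */
static const void *after_lookup(const struct font *f, uint32_t tag, const void *initial)
{
    const void *table = initial;
    (void)get_table(f, tag, &table);   /* status ignored, as in the reported code */
    return table;
}

/* Hardened caller: NULL-initialize, check the status, then test the pointer. */
static uint16_t font_weight(const struct font *f)
{
    const void *raw = NULL;
    if (get_table(f, TAG_OS2, &raw) == 0 && raw)
        return ((const struct os2_table *)raw)->weight;
    return 400;   /* constructed default used when the table is missing */
}

int main(void)
{
    static const int stale = 0;   /* stands in for leftover stack contents */
    printf("stale pointer kept: %d\n", after_lookup(&font_no_os2, TAG_OS2, &stale) == &stale);
    return 0;
}
```

With a stale starting value the pointer survives the failed lookup unchanged, so a later `if (ptr)` test passes and the dereference goes to whatever the slot held; with a NULL start the same test correctly skips the table.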
Austin English austinenglish@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 OS|Windows                     |Linux
           Severity|critical                    |normal
--- Comment #2 from Nikolay Sivov bunglehead@gmail.com ---
It depends on a font, but I see what you mean. Could you attach a +dwrite,+dwrite_file,+tid log as a text file, and also please attach a compiled binary for this sample.
blackwingcat2000@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |blackwingcat2000@gmail.com

--- Comment #3 from blackwingcat2000@gmail.com ---
Created attachment 54107
  --> https://bugs.winehq.org/attachment.cgi?id=54107
Fixed binary and sample exe and fixed detail
dwrite.dll Fixed binary
SimpleHelloWorld.exe Sample Executable
opentype.c.fix.txt How to fix.
Bruno Jesus 00cpxxx@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|Not initialize structure.   |Windows SDK DirectWrite
                   |                            |sample crashes on
                   |                            |uninitialized parameter
Nikolay Sivov bunglehead@gmail.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
      Fixed by SHA1|                            |7cac7bb99f962e268796fe5f756
                   |                            |6d0eaffd09bb6
             Status|UNCONFIRMED                 |RESOLVED

--- Comment #4 from Nikolay Sivov bunglehead@gmail.com ---
This is most likely fixed with http://source.winehq.org/git/wine.git/commit/7cac7bb99f962e268796fe5f7566d0e.... Could you attach a log I asked for in comment 2, while running without this patch?
Alexandre Julliard julliard@winehq.org changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |CLOSED

--- Comment #5 from Alexandre Julliard julliard@winehq.org ---
Closing bugs fixed in 1.9.8.
Michael Stefaniuc mstefani@redhat.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mstefani@redhat.com
   Target Milestone|---                         |1.8.x
Michael Stefaniuc mstefani@redhat.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
   Target Milestone|1.8.x                       |---

--- Comment #6 from Michael Stefaniuc mstefani@redhat.com ---
Removing 1.8.x milestone from bugs included in 1.8.3.