Module: wine Branch: master Commit: f1079fe162379d86f5478a77f593e0ed13adfca6 URL: http://source.winehq.org/git/wine.git/?a=commit;h=f1079fe162379d86f5478a77f5...

Author: Nikolay Sivov nsivov@codeweavers.com Date: Mon Jun 13 16:38:27 2016 +0300

dwrite: Fix invalid read when building zero length text layout (Valgrind).

Signed-off-by: Nikolay Sivov nsivov@codeweavers.com Signed-off-by: Alexandre Julliard julliard@winehq.org

---

dlls/dwrite/layout.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/dlls/dwrite/layout.c b/dlls/dwrite/layout.c index b95023f..3fcf07a 100644 --- a/dlls/dwrite/layout.c +++ b/dlls/dwrite/layout.c @@ -727,7 +727,7 @@ static HRESULT layout_compute_runs(struct dwrite_textlayout *layout) free_layout_runs(layout);

/* Cluster data arrays are allocated once, assuming one text position per cluster. */ - if (!layout->clustermetrics) { + if (!layout->clustermetrics && layout->len) { layout->clustermetrics = heap_alloc(layout->len*sizeof(*layout->clustermetrics)); layout->clusters = heap_alloc(layout->len*sizeof(*layout->clusters)); if (!layout->clustermetrics || !layout->clusters) { @@ -1694,12 +1694,13 @@ static HRESULT layout_compute_effective_runs(struct dwrite_textlayout *layout) layout->metrics.lineCount = 0; origin_x = is_rtl ? layout->metrics.layoutWidth : 0.0f; line = 0; - run = layout->clusters[0].run; memset(&metrics, 0, sizeof(metrics));

layout_splitting_params_from_pos(layout, 0, &params); prev_params = params;

+ if (layout->cluster_count) + run = layout->clusters[0].run; for (i = 0, start = 0, textpos = 0, width = 0.0f; i < layout->cluster_count; i++) { BOOL overflow;