[PATCH] gdi32: Fixed obj_map_cmp special cases. - wine-devel

22 Oct 2021

...
From 6e1444a2d4a7585e199f3e8cc01844362e6358c7 Mon Sep 17 00:00:00 2001
From: Francisco Casas franciscojacb@gmail.com
Date: Fri, 22 Oct 2021 14:21:30 -0300
Subject: [PATCH] gdi32: Fixed obj_map_cmp special cases.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixed obj_map_cmp when the difference between key and entry is too large and the resulting integer overflows.
e.g. The subtraction:
0x000000000A0A009F - 0xFFFFFFFF9910019E
doesn't result in -1 as it should (even when using the highwords 0A0A009F - 9910019E).
Also, by suggestion of Zebediah Figura, pointers are now cast to (UINT_PTR) instead of using HandleToLong(·),
to avoid a theoretical chance of collision by only using the highwords.
Signed-off-by: Francisco Casas franciscojacb@gmail.com
---
 dlls/gdi32/objects.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/dlls/gdi32/objects.c b/dlls/gdi32/objects.c
index 4b390aa0160..c92a83bdebc 100644
--- a/dlls/gdi32/objects.c
+++ b/dlls/gdi32/objects.c
@@ -178,7 +178,11 @@ DWORD WINAPI GetObjectType( HGDIOBJ handle )
 static int obj_map_cmp( const void *key, const struct wine_rb_entry *entry )
 {
     struct obj_map_entry *obj_entry = WINE_RB_ENTRY_VALUE( entry, struct obj_map_entry, entry );
-    return HandleToLong( key ) - HandleToLong( obj_entry->obj );
+    UINT_PTR a = (UINT_PTR)(key);
+    UINT_PTR b = (UINT_PTR)(obj_entry->obj);
+    if(a>b) return 1;
+    if(a<b) return -1;
+    return 0;
 };
struct wine_rb_tree obj_map = { obj_map_cmp };
-- 
2.25.1


    