-- v4: gdiplus: Prevent uninitialized memory access (Coverity)
From: Fabian Maurer dark.shadow4@web.de
This fixes a regression by 69d815407d99 Originally this used GdipAlloc (calloc) --- dlls/gdiplus/metafile.c | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/dlls/gdiplus/metafile.c b/dlls/gdiplus/metafile.c index eb8b4197f3f..5c50d0d1d37 100644 --- a/dlls/gdiplus/metafile.c +++ b/dlls/gdiplus/metafile.c @@ -3404,6 +3404,8 @@ GpStatus WINGDIPAPI GdipPlayMetafileRecord(GDIPCONST GpMetafile *metafile, { if (flags & 0x800) /* P */ { + points[0].X = 0; + points[0].Y = 0; for (i = 1; i < fill->Count; i++) { points[i].X = points[i - 1].X + fill->PointData.pointsR[i].X;
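Review bot: The two added stores to points[0] in the `flags & 0x800` branch run before anything checks fill->Count, and the allocation of points is not visible in this hunk, so please confirm that a record with Count == 0 still has room for one element, or guard the stores with a Count check. Separately, with points[0] fixed at (0,0) and the loop starting at i = 1, fill->PointData.pointsR[0] is never read. If a zero origin for the relative path is intended, a one-line comment above the stores saying so would help, since the commit message only refers to the earlier calloc behaviour.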
On Mon Dec 11 00:29:17 2023 +0000, Nikolay Sivov wrote:
This one is broken after recent 69d815407d99667e2565e268629d909fe50b2b30. We'll need to examine this change more carefully, it didn't switch to equivalent zero-ing calls.
Right, somehow overlooked that, thanks. I changed it to only zero the first point, since fully zeroing all elements is unnecessary.
Playback for EmfPlusRecordTypeFillClosedCurve has the same issue, and EmfPlusRecordTypeDrawImagePoints was already broken because it starts from first delta point instead of a zero origin.
This merge request was approved by Esme Povirk.