According to the documentation of ScriptShape function, the psva argument should have the number of elements indicated by cMaxGlyphs.
-- v4: gdi32: Fix possible overflow
From: Mark Jansen mark.jansen@reactos.org
According to the documentation of ScriptShape function, the psva argument should have the number of elements indicated by cMaxGlyphs. --- dlls/gdi32/text.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/dlls/gdi32/text.c b/dlls/gdi32/text.c index f2fcb41bcdf..b0134e529f5 100644 --- a/dlls/gdi32/text.c +++ b/dlls/gdi32/text.c @@ -471,7 +471,7 @@ static BOOL BIDI_Reorder( HDC hDC, /* [in] Display DC */ WARN("Out of memory\n"); goto cleanup; } - psva = HeapAlloc(GetProcessHeap(),0,sizeof(SCRIPT_VISATTR) * uCount); + psva = HeapAlloc(GetProcessHeap(),0,sizeof(SCRIPT_VISATTR) * cMaxGlyphs); if (!psva) { WARN("Out of memory\n"); @@ -604,16 +604,22 @@ static BOOL BIDI_Reorder( HDC hDC, /* [in] Display DC */ while (res == E_OUTOFMEMORY) { WORD *new_run_glyphs = HeapReAlloc(GetProcessHeap(), 0, run_glyphs, sizeof(*run_glyphs) * cMaxGlyphs * 2); - if (!new_run_glyphs) + SCRIPT_VISATTR *new_psva = HeapReAlloc(GetProcessHeap(), 0, psva, sizeof(*psva) * cMaxGlyphs * 2); + if (!new_run_glyphs || !new_psva) { WARN("Out of memory\n"); HeapFree(GetProcessHeap(), 0, runOrder); HeapFree(GetProcessHeap(), 0, visOrder); HeapFree(GetProcessHeap(), 0, *lpGlyphs); *lpGlyphs = NULL; + if (new_run_glyphs) + run_glyphs = new_run_glyphs; + if (new_psva) + psva = new_psva; goto cleanup; } run_glyphs = new_run_glyphs; + psva = new_psva; cMaxGlyphs *= 2; res = ScriptShape(hDC, &psc, lpString + done + curItem->iCharPos, cChars, cMaxGlyphs, &curItem->a, run_glyphs, pwLogClust, psva, &cOutGlyphs); }
Hi,
It looks like your patch introduced the new failures shown below. Please investigate and fix them before resubmitting your patch. If they are not new, fixing them anyway would help a lot. Otherwise please ask for the known failures list to be updated.
The tests also ran into some preexisting test failures. If you know how to fix them that would be helpful. See the TestBot job for the details:
The full results can be found at: https://testbot.winehq.org/JobDetails.pl?Key=124894
Your paranoid android.
=== debian11 (32 bit report) ===
wmvcore: wmvcore.c:3009: Test failed: Wait timed out.
=== debian11 (build log) ===
Use of uninitialized value $Flaky in addition (+) at /home/testbot/lib/WineTestBot/LogUtils.pm line 720, <$LogFile> line 24683. Use of uninitialized value $Flaky in addition (+) at /home/testbot/lib/WineTestBot/LogUtils.pm line 720, <$LogFile> line 24683. Use of uninitialized value $Flaky in addition (+) at /home/testbot/lib/WineTestBot/LogUtils.pm line 720, <$LogFile> line 24683.
On Tue Oct 11 15:38:47 2022 +0000, **** wrote:
Marvin replied on the mailing list:
Hi, It looks like your patch introduced the new failures shown below. Please investigate and fix them before resubmitting your patch. If they are not new, fixing them anyway would help a lot. Otherwise please ask for the known failures list to be updated. The tests also ran into some preexisting test failures. If you know how to fix them that would be helpful. See the TestBot job for the details: The full results can be found at: https://testbot.winehq.org/JobDetails.pl?Key=124890 Your paranoid android. === debian11 (build log) === Use of uninitialized value $Flaky in addition (+) at /home/testbot/lib/WineTestBot/LogUtils.pm line 720, <$LogFile> line 24681. Use of uninitialized value $Flaky in addition (+) at /home/testbot/lib/WineTestBot/LogUtils.pm line 720, <$LogFile> line 24681. Use of uninitialized value $Flaky in addition (+) at /home/testbot/lib/WineTestBot/LogUtils.pm line 720, <$LogFile> line 24681.
Not sure what to do with this, is this something that I broke?
On Tue Oct 11 15:58:12 2022 +0000, Mark Jansen wrote:
Not sure what to do with this, is this something that I broke?
Don't worry about it: it's not you, it's the testbot.
This merge request was approved by Huw Davies.
-
Huw Davies (@huw) -
Mark Jansen
-
Mark Jansen (@learn-more)
-
Marvin