Well, it seems James committed more than the original patch,
which is a one liner.
--- a/dlls/gdi32/region.c
+++ b/dlls/gdi32/region.c
@@ -2216,7 +2216,8 @@ static BOOL REGION_SubtractO (WINEREGION *pReg, RECT *r1, RECT
*r1End,
if (!add_rect( pReg, left, top, r1->right, bottom )) return FALSE;
}
r1++;
- left = r1->left;
+ if (r1 != r1End)
+ left = r1->left;
}
}
Kind regards,
Sylvain Petreolle
----- Message d'origine ----
De : Timo Kreuzer <timo.kreuzer(a)web.de>
À : ros-dev(a)reactos.org
Envoyé le : Dim 3 Janvier 2010, 10 h 26 min 55 s
Objet : Re: [ros-dev] [ros-diffs] [jimtabor] 44902: [Win32k] - Patch by Dan Kegel: Fix
minor read buffer overrun in CombineRgn.
http://bugs.winehq.org/show_bug.cgi?id=20851 -
When locking and unlocking regions, use probe to check attribute space first before read
or write access.
Why the KeEnterCriticalRegion?
jimtabor(a)svn.reactos.org wrote:
- if (pAttr) FreeObjectAttr(pAttr);
+ if (pAttr)
+ {
+ KeEnterCriticalRegion();
+ FreeObjectAttr(pAttr);
+ KeLeaveCriticalRegion();
+ }
break;
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.org
http://www.reactos.org/mailman/listinfo/ros-dev