Skip to content

W
wine-winehq
Commit 99088fe1 authored by Rémi Bernon's avatar Rémi Bernon Committed by Alexandre Julliard
Browse files
Options

winex11.drv: Fix invalid range when reading GTK_WORKAREAS_D0 (valgrind).

Invalid read of size 8 at 0x559B816: get_work_area (display.c:296) by 0x55DC8C1: query_screens (xinerama.c:103) by 0x55DC8C1: xinerama_init (xinerama.c:275) by 0x55D6F47: process_attach (x11drv_main.c:602) by 0x55D6F47: DllMain (x11drv_main.c:721) by 0x7BC35819: call_dll_entry_point (loader.c:285) by 0x7BC35819: MODULE_InitDLL (loader.c:1317) by 0x7BC362ED: process_attach.part.0 (loader.c:1411) by 0x7BC3B843: process_attach (loader.c:1382) by 0x7BC3B843: LdrLoadDll (loader.c:2765) by 0x7B025C85: load_library (loader.c:172) by 0x7B026B72: LoadLibraryExW (loader.c:522) by 0x7B026BE5: LoadLibraryW (loader.c:492) by 0x40990D: load_graphics_driver (desktop.c:844) by 0x40990D: manage_desktop (desktop.c:1010) by 0x40C6B3: parse_command_line (explorer.c:836) by 0x40C6B3: wWinMain (explorer.c:865) by 0x4103F2: wmain (crt_wwinmain.c:55) Address 0x5272370 is 16 bytes before an unallocated block of size 3,132,512 in arena "client" Signed-off-by: 's avatarRémi Bernon <rbernon@codeweavers.com> Signed-off-by: 's avatarAlexandre Julliard <julliard@winehq.org>
parent 9396d3b3
Hide whitespace changes
Inline Side-by-side
Showing with 2 additions and 2 deletions
dlls/winex11.drv/display.c
View file @ 99088fe1
......@@ -289,9 +289,9 @@ RECT get_work_area(const RECT *monitor_rect)
x11drv_atom(_GTK_WORKAREAS_D0), 0, ~0, False, XA_CARDINAL, &type,
&format, &count, &remaining, (unsigned char **)&work_area))
{
if (type == XA_CARDINAL && format == 32 && count >= 4)
if (type == XA_CARDINAL && format == 32)
{
for (i = 0; i + 3 < count; i += 4)
for (i = 0; i < count / 4; ++i)
{
work_rect.left = work_area[i * 4];
work_rect.top = work_area[i * 4 + 1];
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment