wine/gecko
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-gecko.git synced 2024-09-13 09:24:08 -07:00
Code Issues Packages Projects Releases Wiki Activity

Bug 366643 - Crash after loading page with html entities and <img> tagp=Philip Taylor <philip@zaynar.demon.co.uk>r=pavlov

Browse Source
This commit is contained in:
asqueella@gmail.com 2007-04-25 14:02:50 -07:00
parent 94f197331e
commit 6facfc990d
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
gfx/thebes/src/gfxWindowsFonts.cpp
View File

@ -1479,11 +1479,13 @@ public:
int maxItems = 5;
Init();
mItems = (SCRIPT_ITEM *)malloc(maxItems * sizeof(SCRIPT_ITEM));
// Allocate space for one more item than expected, to handle a rare
// overflow in ScriptItemize (pre XP SP2). See bug 366643.
mItems = (SCRIPT_ITEM *)malloc((maxItems + 1) * sizeof(SCRIPT_ITEM));
while ((rv = ScriptItemize(mString, mLength, maxItems, &mControl, &mState,
mItems, &mNumItems)) == E_OUTOFMEMORY) {
maxItems *= 2;
mItems = (SCRIPT_ITEM *)realloc(mItems, maxItems * sizeof(SCRIPT_ITEM));
mItems = (SCRIPT_ITEM *)realloc(mItems, (maxItems + 1) * sizeof(SCRIPT_ITEM));
Init();
}