[0.4.9][NTGDI] Check if face->charmap is not zero before accessing its encoding (#4390)

Prevents a BSOD 0x1E upon dereference.
CORE-18091 CORE-18558

By partially porting back:
0.4.15-dev-5587-ga999c43 a999c43746
and also take some cosmetic changes from master head, such as EOL-whitespace removal.
Joachim Henze 2023-01-21 15:01:29 +01:00
parent 8a9c4b374e
commit 96db0cd726


@ -1132,7 +1132,7 @@ IntGdiAddFontResource(PUNICODE_STRING FileName, DWORD Characteristics)
SIZE_T ViewSize = 0;
LARGE_INTEGER SectionSize;
OBJECT_ATTRIBUTES ObjectAttributes;
GDI_LOAD_FONT LoadFont;
GDI_LOAD_FONT LoadFont;
INT FontCount;
HANDLE KeyHandle;
static const UNICODE_STRING TrueTypePostfix = RTL_CONSTANT_STRING(L" (TrueType)");
@ -1242,7 +1242,6 @@ IntGdiAddFontMemResource(PVOID Buffer, DWORD dwSize, PDWORD pNumAdded)
HANDLE Ret = 0;
PVOID BufferCopy = ExAllocatePoolWithTag(PagedPool, dwSize, TAG_FONT);
if (!BufferCopy)
{
*pNumAdded = 0;
@ -1552,7 +1551,6 @@ static BOOL face_has_symbol_charmap(FT_Face ft_face)
return FALSE;
}
static void FASTCALL
FillTMEx(TEXTMETRICW *TM, PFONTGDI FontGDI,
TT_OS2 *pOS2, TT_HoriHeader *pHori,
@ -1633,9 +1631,7 @@ FillTMEx(TEXTMETRICW *TM, PFONTGDI FontGDI,
TM->tmAveCharWidth = (FT_MulFix(pOS2->xAvgCharWidth, XScale) + 32) >> 6;
if (TM->tmAveCharWidth == 0)
{
TM->tmAveCharWidth = 1;
}
/* Correct forumla to get the maxcharwidth from unicode and ansi font */
TM->tmMaxCharWidth = (FT_MulFix(Face->max_advance_width, XScale) + 32) >> 6;
@ -3173,7 +3169,6 @@ ftGdiGetGlyphOutline(
FT_Matrix ftmatrix;
FLOATOBJ efTemp;
PMATRIX pmx = DC_pmxWorldToDevice(dc);
/* Create a freetype matrix, by converting to 16.16 fixpoint format */
@ -3770,6 +3765,9 @@ ftGetFontUnicodeRanges(PFONTGDI Font, PGLYPHSET glyphset)
DWORD num_ranges = 0;
FT_Face face = Font->SharedFace->Face;
if (face->charmap == NULL)
return 0;
if (face->charmap->encoding == FT_ENCODING_UNICODE)
{
FT_UInt glyph_code = 0;
@ -4481,9 +4479,6 @@ TextIntRealizeFont(HFONT FontHandle, PTEXTOBJ pTextObj)
FontGdi->RequestWeight = FW_NORMAL;
Face = FontGdi->SharedFace->Face;
//FontGdi->OriginalWeight = WeightFromStyle(Face->style_name);
if (!FontGdi->OriginalItalic)
FontGdi->OriginalItalic = ItalicFromStyle(Face->style_name);
@ -5664,15 +5659,14 @@ GreExtTextOutW(
HSourceGlyph = EngCreateBitmap(bitSize, realglyph->bitmap.pitch,
BMF_8BPP, BMF_TOPDOWN,
realglyph->bitmap.buffer);
if ( !HSourceGlyph )
if (!HSourceGlyph)
{
DPRINT1("WARNING: EngCreateBitmap() failed!\n");
// FT_Done_Glyph(realglyph);
bResult = FALSE;
break;
}
SourceGlyphSurf = EngLockSurface((HSURF)HSourceGlyph);
if ( !SourceGlyphSurf )
if (!SourceGlyphSurf)
{
EngDeleteSurface((HSURF)HSourceGlyph);
DPRINT1("WARNING: EngLockSurface() failed!\n");
@ -5812,7 +5806,6 @@ GreExtTextOutW(
EXLATEOBJ_vCleanup(&exloDst2RGB);
Cleanup:
DC_vFinishBlit(dc, NULL);
if (TextObj != NULL)
@ -6146,7 +6139,7 @@ NtGdiGetCharABCWidthsW(
if(Safepwch)
ExFreePoolWithTag(Safepwch , GDITAG_TEXT);
if (! NT_SUCCESS(Status))
if (!NT_SUCCESS(Status))
{
SetLastNtError(Status);
return FALSE;
@ -6394,7 +6387,6 @@ NtGdiGetGlyphIndicesW(
{
return GDI_ERROR;
}
FontGDI = ObjToGDI(TextObj->Font, FONT);
TEXTOBJ_UnlockText(TextObj);
@ -6434,7 +6426,6 @@ NtGdiGetGlyphIndicesW(
pwcSize = cwc * sizeof(WCHAR);
Safepwc = ExAllocatePoolWithTag(PagedPool, pwcSize, GDITAG_TEXT);
if (!Safepwc)
{
Status = STATUS_NO_MEMORY;
@ -6455,7 +6446,6 @@ NtGdiGetGlyphIndicesW(
if (!NT_SUCCESS(Status)) goto ErrorRet;
IntLockFreeType;
for (i = 0; i < cwc; i++)
{
Buffer[i] = FT_Get_Char_Index(FontGDI->SharedFace->Face, Safepwc[i]);
@ -6464,7 +6454,6 @@ NtGdiGetGlyphIndicesW(
Buffer[i] = DefChar;
}
}
IntUnLockFreeType;
_SEH2_TRY
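Review bot: In the ftGetFontUnicodeRanges hunk, the new `if (face->charmap == NULL) return 0;` guard exits silently, so a face with no active charmap is indistinguishable from one that has zero Unicode ranges, and nothing reaches the debug log. The face comes from a loaded font file, which is untrusted input to this kernel-mode path, so a diagnostic before the return, e.g. `DPRINT1("Font face has no charmap; reporting no Unicode ranges\n");`, would make such fonts visible when triaging a report. The guard would also benefit from a short why-comment such as `/* charmap stays NULL when FreeType could not select one for this face */` (worth confirming against the FreeType version in the tree). Any other `face->charmap->...` dereference in this file outside the visible hunks presumably needs the same check. The function body continues beyond the hunk, so what callers do with a 0 return could not be checked from here.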