From 62b9c26bb542581d62b6214bf0143dd32a1d3fac Mon Sep 17 00:00:00 2001
From: Dmitry Timoshkov <dmitry@baikal.ru>
Date: Mon, 2 Apr 2012 14:40:50 +0900
Subject: [PATCH] gdi32: Refuse to load a large .fot file earlier.

---
 dlls/gdi32/font.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/dlls/gdi32/font.c b/dlls/gdi32/font.c
index 230d4217dcb..f5c44d835b9 100644
--- a/dlls/gdi32/font.c
+++ b/dlls/gdi32/font.c
@@ -3454,10 +3454,15 @@ static void *map_file( const WCHAR *filename, LARGE_INTEGER *size )
     file = CreateFileW( filename, GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL );
     if (file == INVALID_HANDLE_VALUE) return NULL;
 
-    GetFileSizeEx( file, size );
+    if (!GetFileSizeEx( file, size ) || size->u.HighPart)
+    {
+        CloseHandle( file );
+        return NULL;
+    }
+
     mapping = CreateFileMappingW( file, NULL, PAGE_READONLY, 0, 0, NULL );
     CloseHandle( file );
-    if (mapping == NULL) return NULL;
+    if (!mapping) return NULL;
 
     ptr = MapViewOfFile( mapping, FILE_MAP_READ, 0, 0, 0 );
     CloseHandle( mapping );
@@ -3478,7 +3483,6 @@ static WCHAR *get_scalable_filename( const WCHAR *res )
 
     if (!ptr) return NULL;
 
-    if (size.u.HighPart) goto fail;
     if (size.u.LowPart < sizeof( *dos )) goto fail;
     dos = (const IMAGE_DOS_HEADER *)ptr;
     if (dos->e_magic != IMAGE_DOS_SIGNATURE) goto fail;