From d94d1a8b263a020575bf8dd76509d9e603434095 Mon Sep 17 00:00:00 2001 From: Jacek Caban Date: Tue, 7 Sep 2021 14:09:53 +0200 Subject: [PATCH] gdi32: Allocate extra DWORD for EMR_CREATEDIBPATTERNBRUSHPT records. Like for EMR_CREATEMONOBRUSH. Signed-off-by: Jacek Caban Signed-off-by: Huw Davies Signed-off-by: Alexandre Julliard --- dlls/gdi32/emfdc.c | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/dlls/gdi32/emfdc.c b/dlls/gdi32/emfdc.c index 479e0caa6b6..6dc7229b574 100644 --- a/dlls/gdi32/emfdc.c +++ b/dlls/gdi32/emfdc.c @@ -197,9 +197,16 @@ static DWORD emfdc_create_brush( struct emf *emf, HBRUSH brush ) info_size = get_dib_info_size( info, usage ); emr = HeapAlloc( GetProcessHeap(), 0, - sizeof(EMRCREATEDIBPATTERNBRUSHPT)+info_size+info->bmiHeader.biSizeImage ); + sizeof(EMRCREATEDIBPATTERNBRUSHPT) + sizeof(DWORD) + + info_size+info->bmiHeader.biSizeImage ); if(!emr) break; + /* FIXME: There is an extra DWORD written by native before the BMI. + * Not sure what it's meant to contain. + */ + emr->offBmi = sizeof( EMRCREATEDIBPATTERNBRUSHPT ) + sizeof(DWORD); + *(DWORD *)(emr + 1) = 0x20000000; + if (logbrush.lbStyle == BS_PATTERN && info->bmiHeader.biBitCount == 1) { /* Presumably to reduce the size of the written EMF, MS supports an @@ -211,16 +218,11 @@ static DWORD emfdc_create_brush( struct emf *emf, HBRUSH brush ) */ emr->emr.iType = EMR_CREATEMONOBRUSH; usage = DIB_PAL_MONO; - /* FIXME: There is an extra DWORD written by native before the BMI. - * Not sure what it's meant to contain. - */ - emr->offBmi = sizeof( EMRCREATEDIBPATTERNBRUSHPT ) + sizeof(DWORD); emr->cbBmi = sizeof( BITMAPINFOHEADER ); } else { emr->emr.iType = EMR_CREATEDIBPATTERNBRUSHPT; - emr->offBmi = sizeof( EMRCREATEDIBPATTERNBRUSHPT ); emr->cbBmi = info_size; } emr->ihBrush = index = emfdc_add_handle( emf, brush );