From dd0a7078e0acd55f9cc5ac0afbf6342af8a53ae4 Mon Sep 17 00:00:00 2001 From: Nikolay Sivov Date: Mon, 19 Oct 2009 23:40:28 +0400 Subject: [PATCH] gdi32: Prevent possible buffer overrun. --- dlls/gdi32/font.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dlls/gdi32/font.c b/dlls/gdi32/font.c index c81a9c82222..ed64166d176 100644 --- a/dlls/gdi32/font.c +++ b/dlls/gdi32/font.c @@ -2596,13 +2596,13 @@ BOOL WINAPI TranslateCharsetInfo( int index = 0; switch (flags) { case TCI_SRCFONTSIG: - while (!(*lpSrc>>index & 0x0001) && index>index & 0x0001)) index++; break; case TCI_SRCCODEPAGE: - while (PtrToUlong(lpSrc) != FONT_tci[index].ciACP && index < MAXTCIINDEX) index++; + while (index < MAXTCIINDEX && PtrToUlong(lpSrc) != FONT_tci[index].ciACP) index++; break; case TCI_SRCCHARSET: - while (PtrToUlong(lpSrc) != FONT_tci[index].ciCharset && index < MAXTCIINDEX) index++; + while (index < MAXTCIINDEX && PtrToUlong(lpSrc) != FONT_tci[index].ciCharset) index++; break; default: return FALSE;