[haiku-commits] r39951 - haiku/trunk/src/kits/interface

• From: zooey@xxxxxxxxxxxxxxx
• To: haiku-commits@xxxxxxxxxxxxx
• Date: Sun, 26 Dec 2010 16:50:08 +0100 (CET)

Author: zooey
Date: 2010-12-26 16:50:08 +0100 (Sun, 26 Dec 2010)
New Revision: 39951
Changeset: http://dev.haiku-os.org/changeset/39951

Modified:
   haiku/trunk/src/kits/interface/Shape.cpp
Log:
Fix CID-8112 & -8113 (strange pointer arithmetic)
* BShape:: AddShape(): drop manual multiplication in typed pointer 
  arithmetic - addding the number of elements to a typed pointer
  will already move that pointer in steps of sizeof(type). 
The effect of this bug would be overwritten memory somewhere behind the data 
array.


Modified: haiku/trunk/src/kits/interface/Shape.cpp
===================================================================
--- haiku/trunk/src/kits/interface/Shape.cpp    2010-12-26 15:26:58 UTC (rev 
39950)
+++ haiku/trunk/src/kits/interface/Shape.cpp    2010-12-26 15:50:08 UTC (rev 
39951)
@@ -343,11 +343,11 @@
        if (!AllocateOps(otherData->opCount) || 
!AllocatePts(otherData->ptCount))
                return B_NO_MEMORY;
 
-       memcpy(data->opList + data->opCount * sizeof(uint32), otherData->opList,
+       memcpy(data->opList + data->opCount, otherData->opList,
                otherData->opCount * sizeof(uint32));
        data->opCount += otherData->opCount;
 
-       memcpy(data->ptList + data->ptCount * sizeof(BPoint), otherData->ptList,
+       memcpy(data->ptList + data->ptCount, otherData->ptList,
                otherData->ptCount * sizeof(BPoint));
        data->ptCount += otherData->ptCount;
 

Other related posts:

• » [haiku-commits] r39951 - haiku/trunk/src/kits/interface - zooey

1. Home
2. haiku-commits
3. Archive
4. 12-2010

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---