From: Matteo Bruni <mbruni@codeweavers.com>
Subject: [PATCH 1/5] d3dx9: Avoid reading outside of the allocated surface memory (Valgrind).
Message-Id: <1409157652-16487-1-git-send-email-mbruni@codeweavers.com>
Date: Wed, 27 Aug 2014 18:40:48 +0200

---
 dlls/d3dx9_36/surface.c | 34 +++++++++++++++++++++++++---------
 1 file changed, 25 insertions(+), 9 deletions(-)

diff --git a/dlls/d3dx9_36/surface.c b/dlls/d3dx9_36/surface.c
index ad38444..c91048b 100644
--- a/dlls/d3dx9_36/surface.c
+++ b/dlls/d3dx9_36/surface.c
@@ -1366,12 +1366,28 @@ static void init_argb_conversion_info(const struct pixel_format_desc *srcformat,
  * Extracts the relevant components from the source color and
  * drops the less significant bits if they aren't used by the destination format.
  */
-static void get_relevant_argb_components(const struct argb_conversion_info *info, DWORD col, DWORD *out)
+static void get_relevant_argb_components(const struct argb_conversion_info *info, const BYTE *col, DWORD *out)
 {
-    UINT i = 0;
-    for(;i < 4;i++)
-        if(info->process_channel[i])
-            out[i] = (col & info->srcmask[i]) >> info->srcshift[i];
+    unsigned int i, j;
+    unsigned int component, mask;
+
+    for (i = 0; i < 4; ++i)
+    {
+        if (!info->process_channel[i])
+            continue;
+
+        component = 0;
+        mask = info->srcmask[i];
+        for (j = 0; j < 4 && mask; ++j)
+        {
+            if (info->srcshift[i] < j * 8)
+                component |= (col[j] & mask) << (j * 8 - info->srcshift[i]);
+            else
+                component |= (col[j] & mask) >> (info->srcshift[i] - j * 8);
+            mask >>= 8;
+        }
+        out[i] = component;
+    }
 }
 
 /************************************************************
@@ -1549,14 +1565,14 @@ void convert_argb_pixels(const BYTE *src, UINT src_row_pitch, UINT src_slice_pit
                 {
                     DWORD val;
 
-                    get_relevant_argb_components(&conv_info, *(DWORD *)src_ptr, channels);
+                    get_relevant_argb_components(&conv_info, src_ptr, channels);
                     val = make_argb_color(&conv_info, channels);
 
                     if (color_key)
                     {
                         DWORD ck_pixel;
 
-                        get_relevant_argb_components(&ck_conv_info, *(DWORD *)src_ptr, channels);
+                        get_relevant_argb_components(&ck_conv_info, src_ptr, channels);
                         ck_pixel = make_argb_color(&ck_conv_info, channels);
                         if (ck_pixel == color_key)
                             val &= ~conv_info.destmask[0];
@@ -1652,14 +1668,14 @@ void point_filter_argb_pixels(const BYTE *src, UINT src_row_pitch, UINT src_slic
                 {
                     DWORD val;
 
-                    get_relevant_argb_components(&conv_info, *(DWORD *)src_ptr, channels);
+                    get_relevant_argb_components(&conv_info, src_ptr, channels);
                     val = make_argb_color(&conv_info, channels);
 
                     if (color_key)
                     {
                         DWORD ck_pixel;
 
-                        get_relevant_argb_components(&ck_conv_info, *(DWORD *)src_ptr, channels);
+                        get_relevant_argb_components(&ck_conv_info, src_ptr, channels);
                         ck_pixel = make_argb_color(&ck_conv_info, channels);
                         if (ck_pixel == color_key)
                             val &= ~conv_info.destmask[0];
-- 
1.8.5.5