From: Gabriel Ivăncescu
Subject: [PATCH v2 1/2] comctl32/listbox: Fix InitStorage heap extension
Message-Id: <4e2c3fd98299b988e619e52f221223d69ecc74f4.1537371484.git.gabrielopcode@gmail.com>
Date: Wed, 19 Sep 2018 18:38:27 +0300
Signed-off-by: Gabriel Ivăncescu
---
v2: Assume LB_ARRAY_GRANULARITY is a power of 2 and note it in the comments. Only increase the item array if we actually have to. Previously, sending for example just 1 to nb_items repeatedly would always increase the array by LB_ARRAY_GRANULARITY, even if there was plenty of space.
 dlls/comctl32/listbox.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)
diff --git a/dlls/comctl32/listbox.c b/dlls/comctl32/listbox.c
index 2137ef8..5c171ab 100644
--- a/dlls/comctl32/listbox.c
+++ b/dlls/comctl32/listbox.c
@@ -41,7 +41,7 @@
 WINE_DEFAULT_DEBUG_CHANNEL(listbox);
-/* Items array granularity */
+/* Items array granularity; must be a power of 2 */
 #define LB_ARRAY_GRANULARITY 16
 /* Scrolling timeout in ms */
@@ -673,16 +673,18 @@ static LRESULT LISTBOX_InitStorage( LB_DESCR *descr, INT nb_items )
 {
 LB_ITEMDATA *item;
- nb_items += LB_ARRAY_GRANULARITY - 1;
- nb_items -= (nb_items % LB_ARRAY_GRANULARITY);
 if (descr->items) {
- nb_items += HeapSize( GetProcessHeap(), 0, descr->items ) / sizeof(*item);
- item = HeapReAlloc( GetProcessHeap(), 0, descr->items,
- nb_items * sizeof(LB_ITEMDATA));
+ nb_items += descr->nb_items;
+ if (nb_items > HeapSize(GetProcessHeap(), 0, descr->items) / sizeof(*item))
+ {
+ UINT n = (nb_items + LB_ARRAY_GRANULARITY - 1) & ~(LB_ARRAY_GRANULARITY - 1);
+ item = HeapReAlloc(GetProcessHeap(), 0, descr->items, n * sizeof(*item));
+ }
+ else return LB_OKAY;
 }
 else {
- item = HeapAlloc( GetProcessHeap(), 0,
- nb_items * sizeof(LB_ITEMDATA));
+ UINT n = (nb_items + LB_ARRAY_GRANULARITY - 1) & ~(LB_ARRAY_GRANULARITY - 1);
+ item = HeapAlloc(GetProcessHeap(), 0, n * sizeof(*item));
 }
 if (!item)
-- 
1.9.1
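Review bot: The new size computation in LISTBOX_InitStorage still takes `nb_items` as a signed `INT` with no range check: `nb_items += descr->nb_items` can overflow, a negative value becomes a huge unsigned count in the `HeapSize(...) / sizeof(*item)` comparison, and `n * sizeof(*item)` can wrap where SIZE_T is 32 bits, so the array could end up smaller than the item count it is meant to hold. If the count arrives from a window message (the caller is not visible in this hunk), it should be treated as untrusted; a guard at the top of the function, such as `if (nb_items < 0 || nb_items > INT_MAX / (INT)sizeof(*item) - descr->nb_items) return LB_ERRSPACE;`, would bound it before any arithmetic. `HeapSize` returns `(SIZE_T)-1` on failure, which the added comparison reads as ample capacity and answers with `LB_OKAY`; that path deserves an explicit check or at least a comment. The function body continues past `if (!item)`, outside the hunk.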