From 1ff1e1116147a7364be51c629e22f0c0c79a165f Mon Sep 17 00:00:00 2001
From: Huw Davies <huw@codeweavers.com>
Date: Wed, 3 Feb 2010 14:33:06 +0000
Subject: [PATCH] gdi32: Zero pad the facename buffer so that we don't write
 uninitialized data to the metafile.

Found by Valgrind.
---
 dlls/gdi32/mfdrv/objects.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/dlls/gdi32/mfdrv/objects.c b/dlls/gdi32/mfdrv/objects.c
index a7a442b39a5..c6a68cac6fe 100644
--- a/dlls/gdi32/mfdrv/objects.c
+++ b/dlls/gdi32/mfdrv/objects.c
@@ -365,6 +365,7 @@ static UINT16 MFDRV_CreateFontIndirect(PHYSDEV dev, HFONT hFont, LOGFONTW *logfo
     char buffer[sizeof(METARECORD) - 2 + sizeof(LOGFONT16)];
     METARECORD *mr = (METARECORD *)&buffer;
     LOGFONT16 *font16;
+    INT written;
 
     mr->rdSize = (sizeof(METARECORD) + sizeof(LOGFONT16) - 2) / 2;
     mr->rdFunction = META_CREATEFONTINDIRECT;
@@ -383,8 +384,9 @@ static UINT16 MFDRV_CreateFontIndirect(PHYSDEV dev, HFONT hFont, LOGFONTW *logfo
     font16->lfClipPrecision  = logfont->lfClipPrecision;
     font16->lfQuality        = logfont->lfQuality;
     font16->lfPitchAndFamily = logfont->lfPitchAndFamily;
-    WideCharToMultiByte( CP_ACP, 0, logfont->lfFaceName, -1, font16->lfFaceName, LF_FACESIZE, NULL, NULL );
-    font16->lfFaceName[LF_FACESIZE-1] = 0;
+    written = WideCharToMultiByte( CP_ACP, 0, logfont->lfFaceName, -1, font16->lfFaceName, LF_FACESIZE - 1, NULL, NULL );
+    /* Zero pad the facename buffer, so that we don't write uninitialized data to disk */
+    memset(font16->lfFaceName + written, 0, LF_FACESIZE - written);
 
     if (!(MFDRV_WriteRecord( dev, mr, mr->rdSize * 2)))
         return 0;
-- 
2.11.4.GIT