I think I have encountered a bug in the dib.c
code. Specifically, the situation is that I am calling SetDIBits on an
hBitmap
that is 24bits deep, and the source bitmap bits is
32bits deep. It appears that XCreateImage() is creating the correct Image
structure, and we then call calloc() to allocate the space for the bits.
We then call X11DRV_DIB_SetImageBits_32().
The issue is that for the case where we have a 24
bit destination, we assume that it is packed into 32bit data, but
we
have only allocated space for 24bits of data, and
we overrun the buffer. Breaking out the case of 24 bits destination,
and
converting the 32bit pixels separately into 24bit
destination fixes this problem. The problem also exists in the
GetDIBits
code, where the assumption is that 24bits is stored
in 32bit format.
rob
|