From 7cdd156bcecda18d83237b7b8ff537ac10a8c0ba Mon Sep 17 00:00:00 2001
From: Cameron Gutman
Date: Thu, 7 Mar 2024 00:59:40 -0600
Subject: [PATCH] Fix heap corruption with cursor pixel counts that aren't divisible by 8
---
 src/platform/windows/display_vram.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/platform/windows/display_vram.cpp b/src/platform/windows/display_vram.cpp
index a56869ea..1baa1282 100644
--- a/src/platform/windows/display_vram.cpp
+++ b/src/platform/windows/display_vram.cpp
@@ -234,7 +234,7 @@ namespace platf::dxgi {
 auto xor_mask = std::begin(img_data) + bytes;
 for (auto x = 0; x < bytes; ++x) {
- for (auto c = 7; c >= 0; --c) {
+ for (auto c = 7; c >= 0 && ((std::uint8_t *) pixel_data) != std::end(cursor_img); --c) {
 auto bit = 1 << c;
 auto color_type = ((*and_mask & bit) ? 1 : 0) + ((*xor_mask & bit) ? 2 : 0);
@@ -307,7 +307,7 @@ namespace platf::dxgi {
 auto xor_mask = std::begin(img_data) + bytes;
 for (auto x = 0; x < bytes; ++x) {
- for (auto c = 7; c >= 0; --c) {
+ for (auto c = 7; c >= 0 && ((std::uint8_t *) pixel_data) != std::end(cursor_img); --c) {
 auto bit = 1 << c;
 auto color_type = ((*and_mask & bit) ? 1 : 0) + ((*xor_mask & bit) ? 2 : 0);
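Review bot: The bound added to the inner `for (auto c = 7; ...)` condition stops the write only if `pixel_data` lands exactly on `std::end(cursor_img)`, which is a fragile guard for a heap buffer: the pointer is cast to `std::uint8_t *` for the test, so it presumably advances by more than one byte per pixel, and any step that passes the end without hitting it would keep writing. An ordered comparison is the safer form, e.g. `c >= 0 && reinterpret_cast<std::uint8_t *>(pixel_data) < std::end(cursor_img)`, assuming `std::end(cursor_img)` is a raw pointer as the existing `!=` suggests. The identical condition is repeated in the second hunk (old line 307), so the same change applies there, and the two loops look like candidates for one shared helper so the bound lives in a single place. The loop bodies and the definitions of `bytes`, `pixel_data` and `cursor_img` lie outside both hunks, so this should be confirmed against the full functions.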