Package: ace-of-penguins
Version: 1.2-8
Severity: normal
This bug was originally reported for the package "libc6", file
malloc.c, see bug #540373.
I used the package "electric-fence" to pinpoint the cause. It
was reading an array[-1] element, that later caused malloc to
signal a segmentation fault.
I applied two one-line patches. I tested the patched
ace-canfield game, where I discovered the segmentation
fault, and there are so far no faults. I tested once other card
games, that use the "stack.c" program, and there was no
malfunction.
stack.c is the (one line) patched version from debian, not the
original.
--- stack.c 2009-08-22 15:08:02.000000000 +0000
+++ stack_patched.c 2009-08-22 15:12:01.000000000 +0000
@@ -554,8 +554,9 @@
void
stack_flip_card(Stack *src, Stack *dest)
{
+ if (src->num_cards < 1) return; // used as an index in an array
stack_note_undo(src, src->num_cards-1, dest);
doing_undo = 1;
if (src != dest)
{
@@ -595,8 +596,9 @@
else {
undo = (Undo *)malloc(max_undo * sizeof(Undo));
}
}
+ if (src->num_cards < 1) return; // used as an index in an array
undo[num_undo].src = src;
undo[num_undo].dest = dest;
undo[num_undo].count = stack_count_cards(src) - n + 1;
undo[num_undo].facedown = src->cards[src->num_cards-1] & FACEDOWN;
-- System Information:
Debian Release: 5.0.2
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i586)
Kernel: Linux 2.6.26b
Locale: LANG=is_IS, LC_CTYPE=is_IS (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages ace-of-penguins depends on:
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libpng12-0 1.2.27-2+lenny2 PNG library - runtime
ii libx11-6 2:1.1.5-2 X11 client-side library
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
ace-of-penguins recommends no packages.
ace-of-penguins suggests no packages.
-- no debconf information
--
B. Gislason
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
