Package: ace-of-penguins
Version: 1.2-8
Severity: normal

This bug was originally reported for the package "libc6", file malloc.c, see bug #540373.
I used the package "electric-fence" to pinpoint the cause. It was reading an array[-1] element, which later caused malloc to signal a segmentation fault. I applied two one-line patches. I tested the patched ace-canfield game, where I discovered the segmentation fault, and there are so far no faults. I tested other card games that use the "stack.c" program once, and there was no malfunction. stack.c is the (one line) patched version from Debian, not the original.

--- stack.c 2009-08-22 15:08:02.000000000 +0000 +++ stack_patched.c 2009-08-22 15:12:01.000000000 +0000 @@ -554,8 +554,9 @@ void stack_flip_card(Stack *src, Stack *dest) { + if (src->num_cards < 1) return; // used as an index in an array stack_note_undo(src, src->num_cards-1, dest); doing_undo = 1; if (src != dest) { @@ -595,8 +596,9 @@ else { undo = (Undo *)malloc(max_undo * sizeof(Undo)); } } + if (src->num_cards < 1) return; // used as an index in an array undo[num_undo].src = src; undo[num_undo].dest = dest; undo[num_undo].count = stack_count_cards(src) - n + 1; undo[num_undo].facedown = src->cards[src->num_cards-1] & FACEDOWN;

-- System Information:
Debian Release: 5.0.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i586)

Kernel: Linux 2.6.26b
Locale: LANG=is_IS, LC_CTYPE=is_IS (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages ace-of-penguins depends on:
ii  libc6      2.7-18             GNU C Library: Shared libraries
ii  libpng12-0 1.2.27-2+lenny2    PNG library - runtime
ii  libx11-6   2:1.1.5-2          X11 client-side library
ii  zlib1g     1:1.2.3.3.dfsg-12  compression library - runtime

ace-of-penguins recommends no packages.

ace-of-penguins suggests no packages.

-- no debconf information

--
B. Gislason
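
Review bot: in the first hunk (stack_flip_card), the guard's comment "used as an index in an array" does not say which expression is being protected. It is `src->num_cards-1`, passed to stack_note_undo on the following line, which becomes -1 for an empty stack; the comment should say so. The early return also makes a flip on an empty stack a silent no-op, so it is worth stating in the comment that this is intended. The `//` form is a C99 comment; use `/* */` if the file is compiled as C89.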
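
Review bot: in the second hunk (@@ -595,8 +596,9 @@) the empty-stack check sits after the block that runs `undo = (Undo *)malloc(max_undo * sizeof(Undo));`, so a call with no cards can still allocate the undo buffer before returning. Moving `if (src->num_cards < 1) return;` to the top of the function avoids that and makes the precondition for `src->cards[src->num_cards-1]` explicit. The visible lines also write `undo[num_undo].src` without testing the malloc result, which could be checked in the same change.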