Segfault when taking snapshot

Found a bug in R'n'D? Report it here!

Moderators: Flumminator, Zomis

snert
Posts: 1
Joined: Tue Mar 23, 2010 10:09 am

Segfault when taking snapshot

Post by snert »

When I press F1 and confirm that I want to override the old tape, RnD 3.2.6.1 writes past the end of an array, tries to free() an invalid pointer, and segfaults.

The fix:

--- src/game.c.orig	2010-03-23 22:57:15.000000000 +1100
+++ src/game.c	2010-03-23 22:56:56.000000000 +1100
@@ -16401,8 +16401,8 @@
       int graphic = el2img(element);
       int anim_mode = graphic_info[graphic].anim_mode;
 
-      engine_snapshot_rnd.belt_graphic[i * 4 + j] = graphic;
-      engine_snapshot_rnd.belt_anim_mode[i * 4 + j] = anim_mode;
+      engine_snapshot_rnd.belt_graphic[i * NUM_BELT_PARTS + j] = graphic;
+      engine_snapshot_rnd.belt_anim_mode[i * NUM_BELT_PARTS + j] = anim_mode;
     }
   }
 }
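
Review bot: The new index `i * NUM_BELT_PARTS + j` on the two added lines is only in bounds if `belt_graphic` and `belt_anim_mode` are sized with that same stride and the `j` loop stops at `NUM_BELT_PARTS`, and neither the declarations nor the loop headers appear in this hunk. Please confirm both against the snapshot struct, since the hard-coded `4` being replaced suggests the stride and the array size were written independently. Declaring the two fields as two-dimensional arrays and indexing them as `[i][j]` would remove the hand-computed stride and keep the size and the index from drifting apart again.
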
Terrific game, by the way.
Holger
Site Admin
Posts: 4073
Joined: Fri Jun 18, 2004 4:13 pm
Location: Germany

Post by Holger »

Yep, right -- this bug will be fixed in the next release version.

Thanks for the patch!