On Sun, Dec 12, 2004 at 03:05:43PM -0800, Bill Kendrick wrote:
> On Sun, Dec 12, 2004 at 07:38:48PM +0000, Albert Cahalan wrote:
> > Update of /cvsroot/tuxpaint/tuxpaint/src
> > In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv25817/src
> >
> > Modified Files:
> > tuxpaint.c
> > Log Message:
> > moving i-- caused an array overrun w/ SIGSEGV
>
> 8^[
>
> And now tinting stamps crashes again! We need to look into this
> more closely, I guess...
So okay, I'm seriously confused. How did moving i-- cause an array overrun?
This code is crashing for me:
while (i--)
{
mc = work + i;
// if not in the first range, and not in the second range, skip this one
//
if ((mc->hue<lower_hue_1 || mc->hue>upper_hue_1) &&
(mc->hue<lower_hue_2 || mc->hue>upper_hue_2))
continue;
if(mc->sat > max_sat)
{
max_sat = mc->sat;
key_color_ptr = mc;
}
}
I see what's happening. "i" drops down to zero, but you've got a
"goto" in there which jumps back up.
Since "while (i--)" (with "i == 0", where "i" is an unsigned int)
ends up being 'true' ("i" becomes a very large number), the loop gets
executed again, with a bogus value for "i".
Can we get rid of the goto?
-bill!
_______________________________________________
Tuxpaint-dev mailing list
[EMAIL PROTECTED]
http://tux4kids.net/mailman/listinfo/tuxpaint-dev
