diff options
| author | Simon Tatham <anakin@pobox.com> | 2005-06-23 23:11:59 +0000 |
|---|---|---|
| committer | Simon Tatham <anakin@pobox.com> | 2005-06-23 23:11:59 +0000 |
| commit | 75225284c0db99aa14f72a630cc11d3b91ed79cf (patch) | |
| tree | 377a7152135627f57a982cd7477beba82eb439b5 | |
| parent | fda72b0f1edeedb684bdd845b43d7bbed4607d26 (diff) | |
| download | puzzles-75225284c0db99aa14f72a630cc11d3b91ed79cf.zip puzzles-75225284c0db99aa14f72a630cc11d3b91ed79cf.tar.gz puzzles-75225284c0db99aa14f72a630cc11d3b91ed79cf.tar.bz2 puzzles-75225284c0db99aa14f72a630cc11d3b91ed79cf.tar.xz | |
Array overflow fix from James Harvey.
[originally from svn r6005]
| -rw-r--r-- | guess.c | 11 |
1 files changed, 5 insertions, 6 deletions
@@ -221,12 +221,9 @@ static pegrow new_pegrow(int npegs) static pegrow dup_pegrow(pegrow pegs) { - pegrow newpegs = snew(struct pegrow); + pegrow newpegs = new_pegrow(pegs->npegs); - newpegs->npegs = pegs->npegs; - newpegs->pegs = snewn(newpegs->npegs, int); memcpy(newpegs->pegs, pegs->pegs, newpegs->npegs * sizeof(int)); - newpegs->feedback = snewn(newpegs->npegs, int); memcpy(newpegs->feedback, pegs->feedback, newpegs->npegs * sizeof(int)); return newpegs; @@ -325,6 +322,7 @@ static game_state *dup_game(game_state *state) int i; *ret = *state; + ret->guesses = snewn(state->params.nguesses, pegrow); for (i = 0; i < state->params.nguesses; i++) ret->guesses[i] = dup_pegrow(state->guesses[i]); @@ -463,8 +461,9 @@ static int is_markable(game_params *params, pegrow pegs) nrequired = params->allow_blank ? 1 : params->npegs; for (i = 0; i < params->npegs; i++) { - if (pegs->pegs[i] > 0) { - colcount->pegs[pegs->pegs[i]]++; + int c = pegs->pegs[i]; + if (c > 0) { + colcount->pegs[c-1]++; nset++; } } |