rec.games.roguelike.development looking glass

**As of March 31 2008, my ISP's USENET feed provider ceased to exist (buyout by another company). Since that date, I no longer have any access to the USENET. Therefore, I am forced to discontinue r.g.r.a frontend on Angband.oook.cz website.**

**From:** Keith H Duggar <duggar@alum.mit.edu>

**Subject:** Re: Help wanted - problems with heap

**Date:** 2007-12-03 00:22:22

**Agent:** G2/1.0

`andrewdoull wrote:`

> (From those details) This project's BerliOS Developer SVN repository can be
> checked out through anonymous (svnserve) SVN with the following instruction
> set.
>
> svn checkout svn://svn.berlios.de/unangband/trunk
>
> The problematic routine is draw_maze in generate.c which you can browse here: http://svn.berlios.de/wsvn/unangband/trunk/unangband/src/generate.c?o...

To my eyes there is quite a bit of suspicious activity in
that code. For example

```c
/* Save the existing terrain to overwrite the maze later */
if ((flag & (MAZE_SAVE)) != 0)
{
    /*saved = C_ZNEW((3 + y2 - y1) * (3 + x2 - x1), s16b);*/

    /* Save grids */
    for (y = 0; y <= y2 - y1; y++)
    {
        for (x = 0; x <= x2 - x1; x++)
        {
            saved[y * (2 + y2 - y1) + x] = cave_feat[y + y1][x + x1];
        }
    }
}
```

you are creating a linear index for saved[] from (x, y). But,
the standard conversion equations are

```
index = y * dx + x : row-major
index = x * dy + y : col-major
```

not

```
index = y * (dy-1) + x
```

as you have written. For example, suppose

```
y1 = 0 y2 = 40
x1 = 0 x2 = 20
```

then

```
dy = 43 = 3 + 40 - 0
dx = 23 = 3 + 20 - 0
```

and saved will have size 989 = 43 * 23. However, the index
in the nested loop will run as high as

```
y = 40 = 40 - 0
x = 20 = 20 - 0
i = 1826 = 40 * (42 = 2+y2-y1) + 20
```

which is clearly out of bounds. And I haven't looked through
the rest of the code but why the +3? According to the comment
it seems it should be +1. How about this code instead

```c
/* Save the existing terrain to overwrite the maze later */
if ((flag & (MAZE_SAVE)) != 0)
{
    /* Inclusive bounds, so each dimension is 1 + (max - min) */
    int const dx = 1 + x2 - x1 ;
    int const dy = 1 + y2 - y1 ;

    saved = C_ZNEW(dx*dy,s16b) ;

    /* Save grids */
    for ( int y = 0 ; y < dy ; ++y )
    {
        for ( int x = 0 ; x < dx ; ++x )
        {
            /* Row-major: the row stride is the width dx */
            saved[x + y*dx] = cave_feat[y + y1][x + x1] ;
        }
    }
}
```

?

KHD
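An added example (not from the post or from Unangband's source): a check for the stride mismatch discussed above, next to a row-major save routine whose stride equals the rectangle width and whose bounds are validated before allocating. The names `max_index`, `overflows`, `save_region` and the map dimensions are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define MAP_H 66   /* constructed map size for this example */
#define MAP_W 198
typedef int16_t s16b;

/* Highest linear index written when an inclusive rectangle is walked
 * row by row with the given row stride. */
size_t max_index(int x1, int y1, int x2, int y2, size_t stride)
{
    return (size_t)(y2 - y1) * stride + (size_t)(x2 - x1);
}

/* 1 if that walk writes past a buffer of `alloc` elements. */
int overflows(int x1, int y1, int x2, int y2, size_t stride, size_t alloc)
{
    return max_index(x1, y1, x2, y2, stride) >= alloc;
}

/* Save the inclusive rectangle row-major (stride = width). Returns NULL
 * on invalid bounds or allocation failure; *count receives dx * dy. */
s16b *save_region(s16b map[MAP_H][MAP_W], int x1, int y1, int x2, int y2,
                  size_t *count)
{
    if (x1 < 0 || y1 < 0 || x2 < x1 || y2 < y1 || x2 >= MAP_W || y2 >= MAP_H)
        return NULL;
    size_t dx = (size_t)(x2 - x1) + 1, dy = (size_t)(y2 - y1) + 1;
    s16b *saved = calloc(dx * dy, sizeof *saved);
    if (saved == NULL)
        return NULL;
    for (size_t y = 0; y < dy; y++)
        for (size_t x = 0; x < dx; x++)
            saved[y * dx + x] = map[y + (size_t)y1][x + (size_t)x1];
    *count = dx * dy;
    return saved;
}

int main(void)
{
    /* Bounds from the worked example: y1 = 0, y2 = 40, x1 = 0, x2 = 20. */
    printf("stride 2+y2-y1, 43*23 cells: overflow=%d\n",
           overflows(0, 0, 20, 40, 42, 43 * 23));
    printf("stride dx=21, 21*41 cells:   overflow=%d\n",
           overflows(0, 0, 20, 40, 21, 21 * 41));
    return 0;
}
```

The buffer is safe only when the stride used in the index expression is the same width that was used to size the allocation; any other stride either overruns the buffer or scrambles the saved rows.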

