pacman crashed with SIGSEGV in is_bonus_dot()

StacktraceTop:
 is_bonus_dot (pp=pp@entry=0x1d24780, x=20, y=19, idx=idx@entry=0x7fff5eb693ec) at pacman_level.c:544
 ate_bonus_dot (mi=0x1d09c00) at pacman.c:1109
 pacman_tick (mi=0x1d09c00) at pacman.c:1181
 xlockmore_draw (dpy=<optimized out>, window=<optimized out>, closure=0x1d09c00) at xlockmore.c:497
 run_screenhack_table (ft=0x6143c0 <pacman_xscreensaver_function_table>, window2=0, window=25181621, dpy=0x1d11200) at screenhack.c:553

Possible off-by-one here, there are only NUM_BONUS_DOTS (4) bonus points, so index 4 is bad:
http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/saucy/xscreensaver/saucy/view/head:/hacks/pacman_level.c#L542
(and on line 556)

The array of bonus_dot bonus_dots[NUM_BONUS_DOTS] is defined on http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/saucy/xscreensaver/saucy/view/head:/hacks/pacman.h#L221

Suggestion for patch: replace <= with < on lines 542 and 556.

BTW, I wonder if the stack is messed up. The stacktrace says:
#0 is_bonus_dot (pp=pp@entry=0x1d24780, x=20, y=19, idx=idx@entry=0x7fff5eb693ec) at pacman_level.c:544
        ret = 0
        i = 146321

But the loop variable "i" only goes from 0 to 4. (And should probably only go to 3.)

gcc developer says gcc 4.8 does this type of "aggressive optimization" when loop contains undefined behavior, ref:

http://gcc.gnu.org/gcc-4.8/porting_to.html
https://lists.fedoraproject.org/pipermail/devel/2013-January/175876.html

i.e. loop may be "optimized" into endless loop.

By the way, I have sent the same patch to the upstream, which was accepted on 2013-06-10.

Great, I also sent a patch upstream :) http://anonscm.debian.org/gitweb/?p=collab-maint/xscreensaver.git;a=commitdiff;h=8df7ba6597ebafe5321c66846f22ee9326902d49 but never heard back from him. So it will be fixed in Debian as soon as I get to release a 5.21 package.

Your patch is included in 5.22.

This bug was fixed in the package xscreensaver - 5.26-1ubuntu1

---------------
xscreensaver (5.26-1ubuntu1) utopic; urgency=low

  * Dropped Ubuntu changes:
    - Ubuntu delta to the screensavers sets.
    - Keep Debian Vcs-* links instead of the ~ubuntu-desktop team bzr
      repository: the Desktop team does not have interest any more.
    - The Ubuntu changes to the descriptions.
  * Merge from Debian unstable. (LP: #1283459) Remaining changes:
    - debian/control:
      + Breaks/Replaces: the old changes are not needed anymore, but the
        new changes the screensavers sets needs it.
    - debian/rules:
      + Use /usr/share/backgrounds as image directory.
      + Add translation domain to .desktop files.
    - debian/source_xscreensaver.py:
      + Add apport hook.
    - debian/xscreensaver.dirs:
      + Install /usr/share/backgrounds. By default, settings search in
        /usr/share/backgrounds and without it, it displays an error.
    - debian/patch/90_ubuntu-branding.patch: Use Ubuntu branding.
    - debian/patches/60_sequential_glslideshow.patch:
      + Allow going through images sequentially rather than just at random in
        the GLSlideshow hack.

xscreensaver (5.26-1) unstable; urgency=low

  * New upstream release 5.26, changes since 5.23:
    - Updated feed-loading for recent Flickr changes.
    - Updated `webcollage' for recent Google changes.
    - Added Instagram and Bing as `webcollage' image sources.
    - Updated to latest autoconf.
    - Bug fixes.
  * Drop patch applied upstream:
    - debian/patches/12_upstream_use_cppflags.patch
  * Bump Standards-Version to 3.9.5 (no changes needed)

xscreensaver (5.23-1) unstable; urgency=low

  * New upstream release 5.23 (Closes: #729311)
    - New hack, geodesic
    - More heuristics for using RSS feeds as image sources
    - Improved Wikipedia parser
    - Updated webcollage for recent Flickr changes
    - Added Android to bsod
    - Made quasicrystal work on weak graphics cards
    - Better compression on icons, plists and XML files
    - Reverted that DEACTIVATE change. Bad idea.
    - Phosphor now supports amber as well as green
  * Dropped patches applied upstream:
    - 12_upstream_quasicrystal_texture_width.patch
    - 14_upstream_hexadrop_keyboard_exit.patch
    - 15_upstream_activate_faster_nontty.patch
  * debian/patches/12_upstream_use_cppflags.patch:
    Make sure CPPFLAGS are used (fixes hardening warnings)
  * debian/control: Update VCS fields (fixes Lintian warning)

xscreensaver (5.22-1) unstable; urgency=low

  * New upstream release 5.22 (Closes: #699833), changes since 5.15:
    - XInput devices now also ignore small mouse motions
    - Loading images via RSS feeds is much improved
    - Enlarged the texture image for lament
    - Made pipes be ridiculously less efficient, but spin
    - Added better mouse control to rubik, cube21, crackberg, and julia
    - Cosmetic improvements to queens and endgame
    - sonar can now ping local subnet on DHCP
    - Most savers now resize/rotate properly
    - New version of `fireworkx'
    - Minor fixes to `distort', `fontglide', `xmatrix'
    - New MacOS crash in `bsod'
    - New mode in `lcdscrub'
    - Gnome/KD...

can we please get this in the Trusty repos?

Hi, can you please advise me on the how to.
Would appreciate it.
Regards
Eric Tennant

What how to?

On 05/12/2015 01:47 PM, eric tennant wrote:
> Hi, can you please advise me on the how to.
> Would appreciate it.
> Regards
> Eric Tennant
>