Author: Dan Dennedy <dan@dennedy.org>
Last-Update: 2014-04-27
Forwarded: yes
Origin: upstream, http://git.dyne.org/frei0r/commit/?id=fc84121
Description: Fix array out-of-bounds error in partik0l.

When using rand(), it may make sense to use RAND_MAX. But in a build
made on MinGW RAND_MAX is equivalent to a SHRT_MAX, which results in
crashes in blossom_recal() due to accessing the prime array outside of
its bounds. INT_MAX was chosen because on Linux, RAND_MAX is equivalent
to INT_MAX, and UINT_MAX gives different results visually.
---
 src/generator/partik0l/partik0l.cpp | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/src/generator/partik0l/partik0l.cpp b/src/generator/partik0l/partik0l.cpp
index 6dd5a8a..87728c7 100644
--- a/src/generator/partik0l/partik0l.cpp
+++ b/src/generator/partik0l/partik0l.cpp
@@ -38,6 +38,7 @@
 
 #include <time.h>
 #include <inttypes.h>
+#include <limits.h>
 
 /* defines for blob size and roundness */
 #define LIM 8 // 25
@@ -185,13 +186,13 @@ void Partik0l::update() {
 
 void Partik0l::blossom_recal(bool r) {
 
-  float z = ((PRIMES-2)*fastrand()/RAND_MAX)+1;
-  blossom_m = 1.0+(30.0)*fastrand()/RAND_MAX;
-  blossom_n = 1.0+(30.0)*fastrand()/RAND_MAX;
-  blossom_i = prime[ (int) (z*fastrand()/RAND_MAX) ];
-  blossom_j = prime[ (int) (z*fastrand()/RAND_MAX) ];
-  blossom_k = prime[ (int) (z*fastrand()/RAND_MAX) ];
-  blossom_l = prime[ (int) (z*fastrand()/RAND_MAX) ];
+  float z = ((PRIMES-2)*fastrand()/INT_MAX)+1;
+  blossom_m = 1.0+(30.0)*fastrand()/INT_MAX;
+  blossom_n = 1.0+(30.0)*fastrand()/INT_MAX;
+  blossom_i = prime[ (int) (z*fastrand()/INT_MAX) ];
+  blossom_j = prime[ (int) (z*fastrand()/INT_MAX) ];
+  blossom_k = prime[ (int) (z*fastrand()/INT_MAX) ];
+  blossom_l = prime[ (int) (z*fastrand()/INT_MAX) ];
   wd = (double)w;
   hd = (double)h;
   if(r)
-- 
2.0.0.rc2