From 40d0de7a668ea4c95cdf06af4a1554ff0be6936d Mon Sep 17 00:00:00 2001 From: Simon Tatham Date: Fri, 14 Jul 2023 08:09:51 +0100 Subject: [PATCH] grid_edge_bydots_cmpfn: remove dangerous pointer comparison. Commit e6cdd70df867f06 made the grid_dot structures for a grid no longer be elements of the same array. But I didn't notice that grid_edge_bydots_cmpfn was doing pointer subtraction on them on the assumption that they were. Fixed by comparing the dots' new index fields, which should correspond exactly to their previous positions in the single array, so the behaviour should be just what it was before the change.
---
grid.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/grid.c b/grid.c
index 90a9278..04bb8a3 100644
--- a/grid.c
+++ b/grid.c
@@ -342,21 +342,23 @@ static int grid_edge_bydots_cmpfn(void *v1, void *v2)
 grid_edge *b = v2;
 grid_dot *da, *db;
- /* Pointer subtraction is valid here, because all dots point into the
- * same dot-list (g->dots).
- * Edges are not "normalised" - the 2 dots could be stored in any order,
+ /* Edges are not "normalised" - the 2 dots could be stored in any order,
 * so we need to take this into account when comparing edges. */
 /* Compare first dots */
 da = (a->dot1 < a->dot2) ? a->dot1 : a->dot2;
 db = (b->dot1 < b->dot2) ? b->dot1 : b->dot2;
- if (da != db)
- return db - da;
+ if (da->index < db->index)
+ return -1;
+ if (da->index > db->index)
+ return +1;
 /* Compare last dots */
 da = (a->dot1 < a->dot2) ? a->dot2 : a->dot1;
 db = (b->dot1 < b->dot2) ? b->dot2 : b->dot1;
- if (da != db)
- return db - da;
+ if (da->index < db->index)
+ return -1;
+ if (da->index > db->index)
+ return +1;
 return 0;
 }
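Review bot: The four selection lines `da = (a->dot1 < a->dot2) ? ...` and `db = (b->dot1 < b->dot2) ? ...` are left as context and still apply a relational `<` to grid_dot pointers, which the commit message says are no longer elements of one array; in C that comparison is undefined for pointers into different objects, the same class of problem as the subtraction being removed. Choosing the first dot by index keeps the whole comparator on defined ground, e.g. `da = (a->dot1->index < a->dot2->index) ? a->dot1 : a->dot2;`, with the matching change on the other three lines. Separately, the removed `return db - da` was positive when da preceded db, while the new code returns -1 in that case, so the ordering looks inverted relative to the old code; that is harmless if the comparator only serves lookups, but it deserves a comment given the message says behaviour is unchanged. The function's opening lines sit outside the hunk.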