When started, braincurses crashes because glibc detects a buffer overflow in the code. Reproducible: Always Steps to Reproduce: The backtrace points at the culprit: (gdb) bt #0 0x00007ffff70c01b5 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64 #1 0x00007ffff70c15e0 in *__GI_abort () at abort.c:92 #2 0x00007ffff70fae77 in __libc_message (do_abort=<value optimized out>, fmt=<value optimized out>) at ../sysdeps/unix/sysv/linux/libc_fatal.c:186 #3 0x00007ffff7174ec7 in *__GI___fortify_fail ( msg=0x7ffff71ad194 "buffer overflow detected") at fortify_fail.c:32 #4 0x00007ffff7172d20 in *__GI___chk_fail () at chk_fail.c:29 #5 0x00007ffff7172089 in _IO_str_chk_overflow (fp=0x7367, c=29543) at vsprintf_chk.c:35 #6 0x00007ffff70feb35 in _IO_default_xsputn (f=0x7fffffffdc40, data=<value optimized out>, n=6) at genops.c:485 #7 0x00007ffff70d0dce in _IO_vfprintf_internal (s=0x7fffffffdc40, format=<value optimized out>, ap=0x7fffffffdd70) at vfprintf.c:1592 #8 0x00007ffff717212d in ___vsprintf_chk ( s=0x7fffffffdfb0 " \034\267\367\377\177", flags=1, slen=2, format=0x4037b3 "%2d", args=0x7fffffffdd70) at vsprintf_chk.c:87 #9 0x00007ffff717206f in ___sprintf_chk ( s=0x7367 <Address 0x7367 out of bounds>, flags=29543, slen=6, format=0xffffffffffffffff <Address 0xffffffffffffffff out of bounds>) at sprintf_chk.c:33 #10 0x0000000000403029 in sprintf (argv=<value optimized out>, argc=<value optimized out>) at /usr/include/bits/stdio2.h:35 #11 main (argv=<value optimized out>, argc=<value optimized out>) at curses/windows.cpp:90 The following piece of code is the source of the problem: char guessLabel[2]; for( int i = 1; i <= maxGuesses; i++ ) { sprintf( guessLabel, "%2d", i ); Because sprintf needs a third byte to store the null character.
Created attachment 216545 [details, diff] This patch fixes the crash issue The problematic guessLabel is extended to 3 bytes and snprintf is used instead of sprintf.
Created attachment 216546 [details, diff] Patch for the ebuild to use the new patch
fixed in portage. thanks for the bug report.