I got two segfaults in powermanga 0.90-dfsg-2 today, on amd64. For the second of them, I had gdb waiting. I don't have exact symbols but the crash appears to be a null pointer dereference in shot_display(): bullet->spr.trajectory is 1 (homing), and bullet->img_old_angle and bullet->spr.numof_images are both 32; that means bullet->img_old_angle is out of range. The function then dereferences bullet->spr.img[bullet->img_old_angle], which is NULL.
In shot_display(), there is code that tries to keep bullet->img_angle within range. I suppose the bullet->img_old_angle assignment should be moved below that. (I think the crash in the coordinate calculation could alternatively be fixed by using bullet->img_angle there instead of img_old_angle, but the out-of-range value would then just cause a similar crash elsewhere.) While looking at this, I found some suspicious code in shots_handle() too. Namely, there is one place where it calls shot_delete and then decrements i. It seems this could cause it to run past the end of the linked list.
pgpXnd2Com8Nr.pgp
Description: PGP signature

