[Cbc-tickets] [COIN-OR Branch-and-Cut MIP Solver] #181: NULL pointer dereference in

COIN-OR Branch-and-Cut MIP Solver coin-trac at coin-or.org
Thu Jan 4 23:06:19 EST 2018


#181: NULL pointer dereference in
----------------------+-----------------
Reporter:  gy741.kim  |      Owner:  tkr
    Type:  defect     |     Status:  new
Priority:  major      |  Component:  Cbc
 Version:  trunk      |   Keywords:
----------------------+-----------------
 Hello.

 I found a NULL pointer dereference in cbc.

 Please confirm.

 Thanks.

 Summary: NULL pointer dereference

 OS: CentOS 7 64bit

 Version: Trunk (unstable)

 Steps to reproduce:

 1. Download the .POC files.

 2. Compile the source code with ASan.

 3. Execute the following command: ./cbc $POC


 {{{
 ASAN:DEADLYSIGNAL
 =================================================================
 ==23114==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000018
 (pc 0x000001697a01 bp 0x7ffe6bd33f10 sp 0x7ffe6bd33d40 T0)
 ==23114==The signal is caused by a READ memory access.
 ==23114==Hint: address points to the zero page.
     #0 0x1697a00 in CoinMpsCardReader::cleanCard()
 /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:280:19
     #1 0x16995b0 in CoinMpsCardReader::nextField()
 /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:516:10
     #2 0x16aab30 in CoinMpsIO::readMps(int&, CoinSet**&)
 /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:1633:18
     #3 0x16aa43f in CoinMpsIO::readMps(char const*, char const*, int&,
 CoinSet**&) /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:1573:10
     #4 0xc2a8db in OsiClpSolverInterface::readMps(char const*, bool, bool)
 /home/karas/Cbc/Clp/src/OsiClp/OsiClpSolverInterface.cpp:5765:24
     #5 0x561814 in CbcMain1(int, char const**, CbcModel&, int
 (*)(CbcModel*, int), CbcSolverUsefulData&)
 /home/karas/Cbc/Cbc/src/CbcSolver.cpp:7955:53
     #6 0x5254b6 in main /home/karas/Cbc/Cbc/src/CoinSolve.cpp:350:22
     #7 0x7fd8c61b21c0 in __libc_start_main /build/glibc-
 CxtIbX/glibc-2.26/csu/../csu/libc-start.c:308
     #8 0x42e049 in _start (/home/karas/Cbc/run/bin/cbc+0x42e049)

 AddressSanitizer can not provide additional info.
 SUMMARY: AddressSanitizer: SEGV
 /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:280:19 in
 CoinMpsCardReader::cleanCard()
 ==23114==ABORTING
 }}}

 ==========

 [Acknowledgement]

 This work was supported by ICT R&D program of MSIP/IITP. [R7518-16-1001,
 Innovation hub for high Performance Computing]

--
Ticket URL: <https://projects.coin-or.org/Cbc/ticket/181>
COIN-OR Branch-and-Cut MIP Solver <http://projects.coin-or.org/Cbc>
An LP-based branch-and-cut MIP solver.


