[FlopCpp] Crash/Security issue in FlopC++

Gaetano Mendola mendola at gmail.com
Sat Feb 27 18:18:31 EST 2010


Hi,
I'm in the process of writing some tests, and I'm experiencing random crashes.
The reason for it is quite simple. The crash can be obtained in the
following way:

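#include "flopc.hpp"
#include "OsiCbcSolverInterface.hpp"
using namespace flopc;

void crash() {
  {
    // The constructor makes myModel the current model.
    MP_model myModel(new OsiCbcSolverInterface);
  } // myModel is destroyed here; current_model still points to it
  {
    // The constructor calls MP_model::current_model->add(*this).
    MP_constraint myConstraint;
  }
}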

What happens is that MP_model has a current and a default model,
initialized as follows:

MP_model& MP_model::default_model = *new MP_model(0);
MP_model* MP_model::current_model = &MP_model::default_model;

and MP_model in its CTOR updates the current model:

MP_model::current_model = this;

MP_constraint in its constructor performs:

MP_model::current_model->add(*this);

As you can see in that crash function, as soon as the myModel scope is over,
the "MP_model::current_model->add(*this);" dereferences an invalid pointer.

The standard says this is undefined behavior; it's also a security risk.

In order to properly fix it, I need to know the meaning of
current_model and default_model.

A quick fix is to put in the MP_model DTOR the following:

MP_model::current_model = &MP_model::default_model;

Can someone enlighten me about the semantics of those two, current_model and
default_model?


Regards
Gaetano Mendola


-- 
cpp-today.blogspot.com
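
The lifetime bug described in this message, and the destructor reset it proposes, as an added example that is not part of the original post and is not FlopC++ code. Model, Constraint, the live() registry and the reset_in_dtor switch are hypothetical stand-ins; the registry is an assumption added so the stale pointer can be detected without dereferencing it.

```cpp
#include <cstddef>
#include <iostream>
#include <set>

// Hypothetical stand-ins for the pattern in the post; this is not FlopC++ code.
struct Constraint;

struct Model {
    static Model& default_model;  // heap-allocated once, never destroyed
    static Model* current;        // set by every constructor
    static bool reset_in_dtor;    // switches the destructor reset on or off
    // Registry of live models (an addition), used to test `current` safely.
    static std::set<const Model*>& live() { static std::set<const Model*> s; return s; }
    std::size_t constraints = 0;
    Model() { live().insert(this); current = this; }
    ~Model() {
        live().erase(this);
        // Destructor reset from the post, narrowed to when this is the current model.
        if (reset_in_dtor && current == this) current = &default_model;
    }
    void add(Constraint&) { ++constraints; }
};
Model& Model::default_model = *new Model;
Model* Model::current = &Model::default_model;
bool Model::reset_in_dtor = false;

struct Constraint {
    bool attached = false;
    Constraint() {
        // Register only if `current` names a live model; never follow it blindly.
        if (Model::live().count(Model::current)) {
            Model::current->add(*this);
            attached = true;
        }
    }
};

// True if a Constraint created after a scoped Model died found a live model.
bool attaches_after_scope(bool apply_fix) {
    Model::reset_in_dtor = apply_fix;
    { Model scoped; }                        // destructor runs here
    Constraint c;
    Model::current = &Model::default_model;  // restore state for the next call
    return c.attached;
}

int main() {
    std::cout << attaches_after_scope(false) << attaches_after_scope(true) << "\n";
}
```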


