Opened 16 months ago

Closed 8 weeks ago

#180 closed defect (migrated)

NULL pointer dereference in CoinMpsIO::rowName

Reported by: gy741.kim
Owned by: tkr
Priority: major
Component: Cbc
Version: trunk
Keywords:
Cc:

Description

Hello.

I found a NULL pointer dereference in cbc.

Please confirm.

Thanks.

Summary: NULL pointer dereference

OS: CentOS 7 64bit

Version: Trunk (unstable)

PoC Download: https://github.com/gy741/PoC/raw/master/Null_CoinMpsIO_rowName

Steps to reproduce:

1. Download the .POC files.
2. Compile the source code with ASan.
3. Execute the following command: ./cbc $POC

ASAN:SIGSEGV
=================================================================
==20322==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f3612a0441d bp 0x7ffc1b7494f0 sp 0x7ffc1b748e90 T0)
    #0 0x7f3612a0441c in CoinMpsIO::rowName(int) const /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:5168:12
    #1 0x7f3614a2dff7 in OsiClpSolverInterface::readMps(char const*, bool, bool) /home/karas/Cbc/Clp/src/OsiClp/OsiClpSolverInterface.cpp:5828:22
    #2 0x7f3615a51a86 in CbcMain1(int, char const**, CbcModel&, int (*)(CbcModel*, int), CbcSolverUsefulData&) /home/karas/Cbc/Cbc/src/CbcSolver.cpp:7955:42
    #3 0x4dcfd2 in main /home/karas/Cbc/Cbc/src/CoinSolve.cpp:350:22
    #4 0x7f360f8bf82f in __libc_start_main /build/glibc-bfm8X4/glibc-2.23/csu/../csu/libc-start.c:291
    #5 0x435a18 in _start (/home/karas/Cbc/qq/bin/cbc+0x435a18)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home//karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:5168 CoinMpsIO::rowName(int) const
==20322==ABORTING

==========

[Acknowledgement]

This work was supported by ICT R&D program of MSIP/IITP. [R7518-16-1001, Innovation hub for high Performance Computing]

Attachments (1)

Null_CoinMpsIO_rowName (5 bytes) - added by gy741.kim 16 months ago.
PoC

Change History (2)

Changed 16 months ago by gy741.kim

PoC

comment:1 Changed 8 weeks ago by stefan

  • Resolution set to migrated
  • Status changed from new to closed

This ticket has been migrated to GitHub and will be resolved there: https://github.com/coin-or/Cbc/issues/180
