Opened 4 years ago

Closed 3 years ago

#181 closed defect (migrated)

NULL pointer dereference in

Reported by:
Owned by: tkr
Priority: major
Component: Cbc
Version: trunk
Keywords:



I found a NULL pointer dereference in cbc.

Please confirm.


Summary: NULL pointer dereference

OS: CentOS 7 64bit

Version: Trunk (unstable)

Steps to reproduce:

1. Download the .POC files.

2. Compile the source code with ASan.

3. Execute the following command: ./cbc $POC

==23114==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000018 (pc 0x000001697a01 bp 0x7ffe6bd33f10 sp 0x7ffe6bd33d40 T0)
==23114==The signal is caused by a READ memory access.
==23114==Hint: address points to the zero page.
    #0 0x1697a00 in CoinMpsCardReader::cleanCard() /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:280:19
    #1 0x16995b0 in CoinMpsCardReader::nextField() /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:516:10
    #2 0x16aab30 in CoinMpsIO::readMps(int&, CoinSet**&) /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:1633:18
    #3 0x16aa43f in CoinMpsIO::readMps(char const*, char const*, int&, CoinSet**&) /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:1573:10
    #4 0xc2a8db in OsiClpSolverInterface::readMps(char const*, bool, bool) /home/karas/Cbc/Clp/src/OsiClp/OsiClpSolverInterface.cpp:5765:24
    #5 0x561814 in CbcMain1(int, char const**, CbcModel&, int (*)(CbcModel*, int), CbcSolverUsefulData&) /home/karas/Cbc/Cbc/src/CbcSolver.cpp:7955:53
    #6 0x5254b6 in main /home/karas/Cbc/Cbc/src/CoinSolve.cpp:350:22
    #7 0x7fd8c61b21c0 in __libc_start_main /build/glibc-CxtIbX/glibc-2.26/csu/../csu/libc-start.c:308
    #8 0x42e049 in _start (/home/karas/Cbc/run/bin/cbc+0x42e049)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:280:19 in CoinMpsCardReader::cleanCard()



This work was supported by ICT R&D program of MSIP/IITP. [R7518-16-1001, Innovation hub for high Performance Computing]

Attachments (1)

null_CoinMpsCardReader__cleanCard (169 bytes) - added by 4 years ago.
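
An added example, not part of the ticket or of the Cbc/CoinUtils code: a small triage parser for an AddressSanitizer SEGV report like the one above, which extracts the faulting address, access type and symbolized frames, flags a near-NULL fault, and builds a de-duplication key. The function name `triage`, the 4096-byte threshold and the bucket format are assumptions; the sample input is the first lines of the report in this ticket.

```python
import re

# Sample input: abridged from the ASan report in this ticket (frames #0-#2 only).
SAMPLE = """\
==23114==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000018 (pc 0x000001697a01 bp 0x7ffe6bd33f10 sp 0x7ffe6bd33d40 T0)
==23114==The signal is caused by a READ memory access.
==23114==Hint: address points to the zero page.
    #0 0x1697a00 in CoinMpsCardReader::cleanCard() /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:280:19
    #1 0x16995b0 in CoinMpsCardReader::nextField() /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:516:10
    #2 0x16aab30 in CoinMpsIO::readMps(int&, CoinSet**&) /home/karas/Cbc/CoinUtils/src/CoinMpsIO.cpp:1633:18
"""

HEADER = re.compile(r"ERROR: AddressSanitizer: (\S+) on unknown address (0x[0-9a-fA-F]+)")
ACCESS = re.compile(r"caused by a (READ|WRITE) memory access")
# Symbolized frame: "#N 0xPC in <function, may contain spaces> <file>:<line>[:<col>]"
FRAME = re.compile(r"^\s*#(\d+) 0x[0-9a-fA-F]+ in (.+?) (\S+?):(\d+)(?::\d+)?$")
PAGE_SIZE = 4096  # assumption: a fault below one page is treated as NULL plus a small offset


def triage(report):
    """Summarize an ASan SEGV report; return None if no ASan error header is present."""
    header = HEADER.search(report)
    if header is None:
        return None
    addr = int(header.group(2), 16)
    access = ACCESS.search(report)
    frames = []
    for line in report.splitlines():
        m = FRAME.match(line)
        if m:
            # Keep only the file's basename so reports from different build hosts compare equal.
            frames.append((m.group(2), m.group(3).rsplit("/", 1)[-1], int(m.group(4))))
    return {
        "kind": header.group(1),
        "address": addr,
        "access": access.group(1) if access else "UNKNOWN",
        "near_null": addr < PAGE_SIZE,
        "frames": frames,
        # De-duplication key: crash kind plus the top three function names.
        "bucket": header.group(1) + "|" + "|".join(f[0] for f in frames[:3]),
    }


if __name__ == "__main__":
    print(triage(SAMPLE))
```

Frames without a `file:line` suffix, such as the `_start` frame in the full report, are skipped by the frame pattern and do not enter the bucket key.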


Change History (3)

Changed 4 years ago by


comment:1 Changed 4 years ago by

NULL pointer dereference in CoinMpsCardReader::cleanCard

comment:2 Changed 3 years ago by stefan

  • Resolution set to migrated
  • Status changed from new to closed

This ticket has been migrated to GitHub and will be resolved there:
