[MacPorts] #37862: libsvm 3.15 and 3.16 potential crash on svm_free_model_content()
MacPorts
noreply at macports.org
Thu Jan 31 05:01:48 PST 2013
#37862: libsvm 3.15 and 3.16 potential crash on svm_free_model_content()
--------------------------------+-------------------
Reporter: andre.dos.anjos@… | Owner: hum@…
Type: defect | Status: new
Priority: High | Milestone:
Component: ports | Version: 2.1.2
Resolution: | Keywords:
Port: libsvm |
--------------------------------+-------------------
Comment (by andre.dos.anjos@…):
So, here you have the conversation. Can you consider the patch now?
{{{
Delivered-To: andre.dos.anjos at ...
Received: by 10.59.7.130 with SMTP id dc2csp70684ved;
Thu, 31 Jan 2013 04:48:46 -0800 (PST)
...
From: Chih-Jen Lin <cjlin at ...>
...
Date: Thu, 31 Jan 2013 20:48:37 +0800
To: =?iso-8859-1?Q?Andr=E9?= Anjos <andre.dos.anjos at ...>
Subject: libsvm-3.15 & 3.16 initialization bug
X-ASG-Orig-Subj: libsvm-3.15 & 3.16 initialization bug
Yes, you are right. We will fix this in the next
release.
Best,
Chih-Jen
André Anjos writes:
> Hello,
>
> Please note that the newly introduced free() call at
> svm_free_model_content() (lines 2976+1):
>
> free(model_ptr->sv_indices);
> model_ptr->sv_indices = NULL;
>
> Potentially triggers a crash because "sv_indices" is
> never properly initialized when using svm_load_model
> (). It is only done if svm_train() is called.
>
> This means that any "svm_load_model()" usage,
> depending on compile options and other code layout
> details, may load a model with an uninitialized
> value of "sv_indices" (!= 0) and the code indicated
> above would crash in this case.
>
> I suggest the following patch @ svm_load_model()
> (arond line 2749):
>
> model->sv_indices = NULL;
>
> This should do the trick.
>
> Best,
}}}
--
Ticket URL: <https://trac.macports.org/ticket/37862#comment:4>
MacPorts <http://www.macports.org/>
Ports system for Mac OS
More information about the macports-tickets
mailing list