Graphviz Issue Tracker
Mantis Bug Tracker

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000846graphvizNeatopublic2005-03-24 09:052011-04-28 04:03
ReporterJohn Hinsdale 
Assigned Toerg 
PrioritynormalSeveritycriticalReproducibilityalways
StatusclosedResolutionfixed 
PlatformOSx86-Linux-2.4.20 (Debian)OS Version
Summary0000846: Seg fault due to bad array index in pathplan/cvt.c
Description



I'm getting a seg faulat near line 134 of pathplan/cvt.c:
<CD>
    for (i = dad[config->N]; i != config->N + 1; i = dad[i])
</CD>



In GDB (debugger) it is showing variable "i" taking on the
value -1 ... this then caause the loop iteration step to
attempt to access dad[-1] which seg faults.



I fixed it with this:



<CD>
    for (i = dad[config->N]; i >= 0 && i != config->N + 1; i = dad[i])
</CD>



I also applied this fix about seven lines down to a similar loop.



Hope this helps. Unfortunately I no longer have the input
that generated the error, but I'm hoping you can figure out
how it could have happened (is -1 a special case value for
indexes in the dad[] array? -- if so perhaps it
needs to be checked for here).
Additional Information

[erg] As with bug 658, since i can never be -1, this is indicative
of a much more serious problem. It may indeed be another version of
658. When the real fix of 658 is removed and the suggested fix is
added, the 658 seg fault doesn't occur, nor does this one, but the
output is definitely screwy, with a loop having 2 beziers.

I'm going to leave this open, but I'm guessing the fix for 658 also
fixes this one.

[erg] I believe this has been fixed by bug 670. Without a test case,
will never know.
TagsNo tags attached.
AUXILLARY-FILES
DATE-FIXED
FIX-COMMENT
FORMER-ID659
INPUT-FILE
OUTPUT-FILE
STATUS-COMMENTFixed (7 April 2005)
VERSION     2.2
Attached Files

- Relationships

-  Notes
There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
2011-04-28 04:03 user1 New Issue
2011-04-28 04:03 user1 Assigned To => erg


MantisBT 1.2.5[^]
Copyright © 2000 - 2011 MantisBT Group
Powered by Mantis Bugtracker