Pieter Penninckx

Bug in CARAT

CARAT

CARAT is mathematics software for researching low-dimensional crystallographic groups.

The bug

One piece of the source code contains a memory management bug. How this bug manifests itself varies from system to system. On one system, the program may work fine. On another, it may crash, give an error, or behave in other unexpected ways.

The fix

For version 2.1b1 19.07.2008, in the file carat/functions/Matrix/real_mat.c, before line 89 (if (mat->cols > cols ) {), add the following lines of code:

  mat->array.SZ = Z;
  mat->array.N = N;

I submitted a patch to the maintainer of CARAT sometime in 2010, but the patch did not make it into the download on their website.

Technical details

This bug is related to improper use of the realloc() function. This function is used to grow or shrink the amount of memory used for a particular purpose. In doing so, realloc() may move the memory to another location, after which pointers to the old location are no longer valid. If this happens in the real_mat.c file, then the later call to quick_null_mat() works on an outdated version of the variable mat. This causes the trouble.
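
The failure mode described above, as an added illustration that is not CARAT's source code: a resize routine must store the pointer returned by realloc() back into the structure before any helper reads through that structure. The names toy_mat, toy_new, toy_grow, toy_null_rows and toy_sum are hypothetical; only the field name SZ is borrowed from the fix.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical miniature matrix; not CARAT's own definitions. */
typedef struct { int rows, cols; int **SZ; } toy_mat;

toy_mat *toy_new(int cols) {
    toy_mat *m = calloc(1, sizeof *m);   /* rows = 0, SZ = NULL */
    if (m) m->cols = cols;
    return m;
}

/* Helper that reaches the rows through the struct, not through a local. */
static void toy_null_rows(toy_mat *m, int from) {
    for (int i = from; i < m->rows; i++)
        for (int j = 0; j < m->cols; j++) m->SZ[i][j] = 0;
}

/* Grow to new_rows. Returns 0 on success, -1 on failure; m stays usable. */
int toy_grow(toy_mat *m, int new_rows) {
    int old_rows = m->rows;
    if (new_rows <= old_rows) return -1;
    int **Z = realloc(m->SZ, (size_t)new_rows * sizeof *Z);
    if (Z == NULL) return -1;        /* on failure the old block is untouched */
    m->SZ = Z;   /* write-back: omit this and m->SZ may point at freed memory */
    for (int i = old_rows; i < new_rows; i++) {
        if ((Z[i] = malloc((size_t)m->cols * sizeof **Z)) == NULL) break;
        m->rows = i + 1;
    }
    toy_null_rows(m, old_rows);      /* safe only because m->SZ was refreshed */
    return m->rows == new_rows ? 0 : -1;
}

long toy_sum(const toy_mat *m) {
    long s = 0;
    for (int i = 0; i < m->rows; i++)
        for (int j = 0; j < m->cols; j++) s += m->SZ[i][j];
    return s;
}

int main(void) {
    toy_mat *m = toy_new(3);
    if (m == NULL || toy_grow(m, 2) != 0) return 1;
    m->SZ[0][0] = 5; m->SZ[1][2] = 7;
    if (toy_grow(m, 4096) != 0) return 1;   /* large growth, likely to move */
    printf("rows=%d sum=%ld\n", m->rows, toy_sum(m));
    return 0;
}
```

Whether realloc() actually moves the block depends on the allocator and the heap state, which is why a missing write-back can go unnoticed on one system and fail on another.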