Invalid read in mpz_sub

Torbjörn Granlund tg at
Wed Apr 6 15:39:21 UTC 2016

Miha Marolt <miham at> writes:

  In some cases a previously freed memory is read inside the mpz_sub function. Here is
  an example program that demonstrates the problem:

The bug is in your code.

When passing x by value, you make copies of the two contained mpz_t
variables, including pointers.  Then you cause reallocation of the
original variables, making pointer your copies point to stale data.

Please encrypt, key id 0xC8601622

More information about the gmp-bugs mailing list