ECOS_cleanup writes to the problem data here. However, we pass arrays to ECOS that are not GC tracked past the setup call, e.g., here. These arrays could be freed before the call to ECOS_cleanup, so there's a potential for arbitrary memory corruption.
ECOS_cleanupwrites to the problem data here. However, we pass arrays to ECOS that are not GC tracked past thesetupcall, e.g., here. These arrays could be freed before the call toECOS_cleanup, so there's a potential for arbitrary memory corruption.