Thread: Please...help

    #1
    Registered User, Devshed Newbie (Join Date: Jun 2012, Posts: 29)
    Please...help


    Can anyone please explain to me why the malloc statement is not crashing... since I am allocating only 1 byte of memory and copying more than that..
    Kindly explain to me...
    Thanks in advance
    Code:
    #include "StdAfx.h"   /* MSVC precompiled header; not needed on other compilers */
    #include <stdio.h>
    #include <string.h>
    #include <stdlib.h>

    int main( void )
    {
       char   lv_Rerh_CallsData[50][256] = {""};
       char   *string = "";
       char   d;
       string = (char *)malloc(1);   /* only ONE byte is allocated here */
       /* sizeof(string) is the size of the pointer, not of the allocation */
       printf("size of string : %zu", sizeof(string));
       printf("\nsize of string d: %zu", sizeof(d));

       for(int i = 0; i < 50; i++)
       {
             //lp_args[c++] = (char*)lv_Rerh_CallsData[i];
             sprintf_s(lv_Rerh_CallsData[i], 32, "shripad123456 i: %d |", i);
             /* heap overrun: both copies write far past the 1-byte allocation */
             if(i == 0)
                   strcpy(string, lv_Rerh_CallsData[i]);
             else
                   strcat(string, lv_Rerh_CallsData[i]);
       }

       // printf ("Content-type: text/html\n\n");
       printf(" %s", string);
       return 0;
    }
    #2
    Contributed User, Devshed Specialist (Join Date: Jun 2005, Posts: 4,376)
    > Can anyone please explain to me why the malloc statement is not crashing
    Luck (mostly).

    Here is a little diagram of some memory.
    Code:
    +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
    |   |   |   |   |   |   |   |   |   |   |   |   |   |   |   |   |   |
    +---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
    P   N
    Here, P is the pointer to the memory you allocated, and N would be the next pointer to memory IF you call malloc again.

    Until you call another malloc function (malloc, calloc, realloc, free), you're typically not going to see that you're doing anything wrong (unless you're running in a heavily instrumented build designed specifically to trap malloc overruns).

    E.g.
    Code:
       string = (char *)malloc(1);   
       char *n = malloc(100);
       strcpy(n,"This is a test");
    Now, given your current code, the most likely observation is that n gets trashed.

    The real fun starts when you try to call malloc again, or even free.
    free(n) is especially problematic if you've massively overrun your string.
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper
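    Added example (not the OP's code or anything posted in this thread): the same 50-entry concatenation done with a heap buffer sized by measuring first and copying with the capacity in hand, which is the fix for the overrun discussed above. The entry format and count are the OP's; ENTRY_FMT, format_entry and build_calls_data are names chosen here. Building the OP's original with -fsanitize=address is one of the "heavily instrumented builds" mentioned above and reports the first byte written past the 1-byte allocation.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define ENTRIES 50
#define ENTRY_FMT "shripad123456 i: %d |"   /* the OP's per-entry format */

/* Formats entry i into dst; returns characters written (excluding the NUL)
 * or -1 if the result would not fit in cap bytes. */
static int format_entry(char *dst, size_t cap, int i)
{
    int n = snprintf(dst, cap, ENTRY_FMT, i);
    if (n < 0 || (size_t)n >= cap)
        return -1;            /* truncated: caller treats this as an error */
    return n;
}

/* Returns a malloc'd string holding all ENTRIES entries, or NULL.
 * The caller owns the result and must free() it. */
char *build_calls_data(void)
{
    char entry[256];
    size_t total = 0;
    /* Pass 1: measure. snprintf(NULL, 0, ...) only computes the length. */
    for (int i = 0; i < ENTRIES; i++) {
        int n = snprintf(NULL, 0, ENTRY_FMT, i);
        if (n < 0) return NULL;
        total += (size_t)n;
    }
    /* Pass 2: allocate total + 1 (terminating NUL), then copy with bounds. */
    char *out = malloc(total + 1);
    if (out == NULL) return NULL;
    size_t used = 0;
    for (int i = 0; i < ENTRIES; i++) {
        int n = format_entry(entry, sizeof entry, i);
        if (n < 0 || used + (size_t)n > total) { free(out); return NULL; }
        memcpy(out + used, entry, (size_t)n);   /* known to fit */
        used += (size_t)n;
    }
    out[used] = '\0';
    return out;
}

int main(void)
{
    char *s = build_calls_data();
    if (s == NULL) return 1;
    printf("%zu bytes: %s\n", strlen(s), s);   /* 1040 bytes for 50 entries */
    free(s);
    return 0;
}
```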
    #3
    Registered User, Devshed Newbie (Join Date: Jun 2012, Posts: 29)
    So if I use malloc again, then it will crash.
    #4
    Contributed User, Devshed Specialist (Join Date: Jun 2005, Posts: 4,376)
    Originally Posted by gurukrupa_1989
    So if I use malloc again then it will crash.
    Who knows (for sure).
    There is no guarantee of anything happening after you've corrupted memory with a buffer overrun.

    It might crash consistently mere microseconds after the overrun, in which case it's usually easy to spot and fix.

    Or it could crash once a year in some completely random spot in the code, and you're really left wondering WTF is going on. These are some of the hardest bugs to find, outside of race conditions in multi-threaded code.
