realloc导致指针数组的glibc错误
[英]realloc causes glibc error for array of pointers
问题描述
I have some C code that contains an array of text that I'm trying to manipulate in the following manner :- 
我有一些C代码,其中包含我试图以下列方式操作的文本数组: -
- Allocate an array of pointers
dictionaryof sizedictionary_sizeinitialized to 50分配大小为dictionary_size的指针数组dictionary,初始化为50 - Replace all spaces and \\n's with '\\0' 替换所有空格,\\ n \\ n更换为'\\ 0'
- Store the address of every 3rd string(separated by an unknown number of \\n's or spaces) in
dictionary在dictionary存储每个第3个字符串的地址(由未知数量的\\ n或空格分隔) - If
dictionaryis full, realloc to size,dictionary_size * 2如果dictionary已满,请重新分配大小,dictionary_size * 2
The code however, causes the following error :- 但是,代码会导致以下错误: -
*** glibc detected *** ./crack: realloc(): invalid next size: 0x0000000001386010 ***
^Cmake: *** [run] Interrupt
The code is as follows :- 代码如下: -
// Replace all spaces with '\0'
for ( i = 0; i < file_size; i++ ) {
if ( temp_buffer[i] == ' ' || temp_buffer[i] == '\n' ) {
while ( temp_buffer[i] == ' ' || temp_buffer[i] == '\n' ) {
temp_buffer[i] = '\0';
}
j++;
}
if ( (j-1) % 3 == 0 ) {
dictionary[k] = temp_buffer+i;
k += 1;
if ( k == dictionary_size ) {
dictionary_size *= 2;
printf("Going to realloc to %d\n", dictionary_size);
dictionary = (char **)realloc(dictionary, dictionary_size);
}
}
}
[EDIT] Based on the debugging statements I have, the very first realloc(to a size of 100) fails. [编辑]根据我的调试语句,第一个realloc(大小为100)失败。
2 个解决方案
解决方案1
2 2014-01-14 11:56:16
dictionary_size is the element (pointer) count, not the allocation size. dictionary_size是元素(指针)计数,而不是分配大小。 should be dictionary_size * sizeof(char*) 应该是dictionary_size * sizeof(char*)
dictionary = realloc(dictionary, dictionary_size * sizeof(*dictionary)); // safer, 10x @alk
Or (less recommneded): 或者(较少推荐):
dictionary = realloc(dictionary, dictionary_size * sizeof(char*)); // clearer
Also check that dictionary_size is properly initialized. 还要检查dictionary_size是否已正确初始化。
解决方案2
0 2014-01-14 12:07:25
You are allocating too little memory. 你分配的内存太少了。 The error is caused by trashing the memory (and you can never know which error will actually come out from trashed memory). 该错误是由于破坏内存造成的(你永远无法知道哪些错误实际上会从被破坏的内存中产生)。
If you allocate dictionary_size bytes you have room for dictionary_size/sizeof(char *) pointers. 如果你分配了dictionary_size字节,你就有了使用dictionary_size/sizeof(char *)指针的空间。
Your if statement, instead, suggests that you think you have space for dictionary_size pointers, which is not the case. 相反,你的if语句表明你认为你有了dictionary_size指针的空间,但事实并非如此。
Change your malloc/realloc to something like: 将malloc / realloc更改为:
dictionary = (char **)realloc(dictionary, dictionary_size * sizeof(char *));
btw, you don't need to cast the return of realloc. 顺便说一句,你不需要转换realloc的返回。
As a final suggestion, considering that realloc(NULL, ...) is equivalent to malloc() , it might be easier to write something like: 作为最后的建议,考虑到realloc(NULL, ...)等同于malloc() ,可能更容易编写类似于:
dictionary = NULL;
... other code here ...
if ( k >= dictionary_size ) {
while (k >= dictionary_size) dictionary_size *= 2;
printf("Going to realloc to %d\n", dictionary_size);
dictionary = (char **)realloc(dictionary, dictionary_size * sizeof(char *));
}
dictionary[k++] = temp_buffer+i;
... etc ...
So you are absolutely sure that whatever k is, you have enough room for dictionary[k]. 所以你绝对相信无论k是什么,你都有足够的词典空间[k]。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.