[英]C++ / Gcc - Stack smashing when a func returns a struct
I'm actually having troubles with a simple program which is supposed to pass a struct through named pipes. 我实际上遇到了一个简单的程序的麻烦,该程序应该通过命名管道传递结构。
Here is my main.cpp: 这是我的main.cpp:
#include <cstdlib>
#include <cstdio>
#include <iostream>
#include <string>
#include "NamedPipe.hh"
int main()
{
pid_t pid;
std::string str("test_namedPipe");
NamedPipe pipe(str);
message *msg;
//Initialisation of my struct
msg = (message *)malloc(sizeof(message) + sizeof(char) * 12);
msg->type = 1;
sprintf(msg->str, "Hello World");
//Forking
pid = fork();
if (pid != 0) {
pipe.send(msg);
} else {
message msg_receive = pipe.receive(); //Here is the overflow
std::cout << "type: " << msg_receive.type << " file: " << msg_receive.str << std::endl;
}
return (0);
}
My NamedPipe.cpp: 我的NamedPipe.cpp:
#include "NamedPipe.hh"
#include <stdio.h>
NamedPipe::NamedPipe(std::string const &_name) : name("/tmp/" + _name) {
mkfifo(name.c_str(), 0666);
// std::cout << "create fifo " << name << std::endl;
}
NamedPipe::~NamedPipe() {
unlink(name.c_str());
}
void NamedPipe::send(message *msg) {
int fd;
int size = sizeof(char) * 12 + sizeof(message);
fd = open(name.c_str(), O_WRONLY);
write(fd, &size, sizeof(int));
write(fd, msg, (size_t)size);
close(fd);
}
message NamedPipe::receive() {
int fd;
int size;
message msg;
fd = open(name.c_str(), O_RDONLY);
read(fd, &size, sizeof(int));
read(fd, &msg, (size_t)size);
close(fd);
return (msg); //I debugged with printf. This actually reach this point before overflow
}
And my struct is defined like: 我的结构定义如下:
struct message {
int type;
char str[0];
};
I actually think that may be a problem of memory allocation, but I have really no idea of what I should do to fix this. 我实际上认为这可能是内存分配的问题,但是我真的不知道应该如何解决此问题。
Thanks for reading/helping ! 感谢您的阅读/帮助!
This is the root of your problem, your struct message
: 这是问题的根源,即struct message
:
char str[0]; char str [0];
This is not kosher in C++ (nor is the way you're using it kosher in C). 这不是C ++中的犹太洁食(也不是C语言中使用犹太洁食的方式)。 When you allocate a message
on the stack, you're allocating room for one int
and 0 char
s. 在堆栈上分配message
时,将为1个int
和0个char
分配空间。 Then in this line 然后在这行
read(fd, &msg, (size_t)size);
you write beyond your stack allocation into neverland. 您将超出堆栈分配的内容写入了梦幻岛。 Then you return your message
object which would be just one int
in size. 然后,您返回的message
对象的大小仅为1 int
。
Change your struct to this, and it should "work" 将您的结构更改为此,它应该“起作用”
struct message
{
int type;
char str[ 16 ];
};
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.