简体   繁体   English

为什么这个C代码不会改变字符串并导致缓冲区溢出?

[英]Why doesn't this C code change the string and cause a buffer overflow?

I wrote this code 我写了这段代码

#include <stdio.h>

int main()
{
    char String[] = "Hello the world!";
    char *pointer = String;
    int i;

    printf(" %s\n", pointer);

    pointer = "Helllooooo the worlldddddd";
    printf("Hello %s\n", pointer);
    printf("Hello %s\n", String);

    return 0;
}

but I can't understand how this line works fine. 但我无法理解这条线是如何工作的。

pointer = "Helllooooo the worlldddddd";

but I got this output 但我得到了这个输出

 Hello the world!
Hello Helllooooo the worlldddddd
Hello Hello the world!

As you see it couldn't change String value but it shows more than the original number of characters. 如您所见,它无法更改String值,但显示的字符数超过原始字符数。 Shouldn't this cause a buffer overflow? 这不应该导致缓冲区溢出吗? Won't that destroy other variables? 不会破坏其他变量吗?

When you write the line 当你写行

pointer="Helllooooo the worlldddddd";

you are not saying "take the array pointed at by pointer and overwrite its contents with the string "Helllooooo the worlldddddd" ," but rather "change which string pointer points at so that it's now pointing at the string ""Helllooooo the worlldddddd" ." This accounts for why you're seeing the original string printed out when you directly print String - you never actually modified it. As a result, you don't need to worry about overflowing your array here, since you're not actually writing anything to it. 你不是说“通过pointer数组,用字符串"Helllooooo the worlldddddd"覆盖其内容,”而是“更改哪个字符串 pointer指向,以便它现在指向字符串""Helllooooo the worlldddddd" 。 “这说明了当你直接打印String时你看到原始字符串被打印出来的原因 - 你从来没有真正修改它。因此,你不必担心这里的数组溢出,因为你实际上并没有写任何事情。

On the other hand, if you wrote 另一方面,如果你写了

strcpy(pointer, "Helllooooo the worlldddddd");

which actually does copy the contents of the new string into the buffer pointed at by pointer , then you would have a buffer overflow, which would be a problem. 实际上 会将新字符串的内容复制到pointer的缓冲区中,然后你会有一个缓冲区溢出,这将是一个问题。 But notice that this is a very different operation that explicitly says "please copy the contents of this string to this location" rather than "change where this pointer points." 但请注意,这是一个非常不同的操作,明确表示“请将此字符串的内容复制到此位置”,而不是“更改此指针指向的位置”。

you have initialize a pointer which point to String "Hello the world " char *pointer=String; 你已初始化一个指向字符串“Hello the world”的char *pointer=String; so far so good . 到现在为止还挺好 。
first printf printf(" %s\\n",pointer); 首先是printf printf(" %s\\n",pointer); , you have printed the pointer which point to "Hello the world". ,你已经打印了指向“Hello the world”的指针。
then you set the pointer to point anew string "Hellloooooo the worllddddd" pointer="Helllooooo the worlldddddd"; 然后你设置指针指向一个新的字符串“Hellloooooo the worllddddd” pointer="Helllooooo the worlldddddd"; .
then you have printed the pointer which point in this case to "Hellloooooo the worllddddd" printf("Hello %s\\n",pointer); 然后你打印了指针,在这种情况下指向“Hellloooooo the worllddddd” printf("Hello %s\\n",pointer); .
last printf you have printed the string "Hello the world" printf("Hello %s\\n",String); last printf你打印了字符串“Hello the world” printf("Hello %s\\n",String); .
Note:. 注意:。 ((takecare that you have printed in second printf("Hello %s\\n",String); and third printf printf("Hello %s\\n",String); the string hello which will be printed before the value of the pointer or the string)) ((你已经在第二个printf("Hello %s\\n",String);打印出来了printf("Hello %s\\n",String);以及第三个printf printf("Hello %s\\n",String);字符串hello将在值之前打印指针或字符串))

One more quick option for you to consider when manipulating strings: 操作字符串时需要考虑的另一个快速选项:
The string function strdup(...); 字符串函数strdup(...); allows the copying of an existing string into a newly created string in one easy step. 允许通过一个简单的步骤将现有字符串复制到新创建的字符串中。 (or at least one in which all the complexity has been abstracted away) : (或至少有一个所有复杂性已被抽象出来)

 char *pointer = strdup("Helllooooo the worlldddddd");

The new string pointer can now be used to contain any string up to len long, where len is defined as: 新的字符串pointer现在可用于包含最长为len long的任何字符串,其中len定义为:

int len = strlen(pointer);//len is 26 after using strdup(...); above

So for example, because your example string is shorter than len : 例如,因为您的示例字符串比len短:

char String[]="Hello the world!";//length is 16

you could copy it into pointer without a buffer overflow: 你可以将它复制到pointer而没有缓冲区溢出:

strcpy(pointer, String);

Strings created using strdup(...): need to be free'd to avoid memory leaks. 使用strdup(...):创建的字符串strdup(...):需要被释放以避免内存泄漏。 Call the following when you are finished using pointer : 使用完pointer后调用以下命令:

free(pointer);
#include <stdio.h>

int main()
{
char String[]="Hello the world";  // the string
char *pointer=String;             // pointer to string 
char i;                           //counter

printf(" %s\n",pointer);          // print current value of pointer

pointer="number of char";         // new value to replace the string
for (i=0;i<14;i++)                // you cannot change the content of array without using loop
{
String[i] = pointer[i];           // char i in string = ti char i in pointer
}
printf("Hello   %s\n",pointer);   // print value of pointer
printf("Hello   %s\n",String);    // print value of string

return 0;
} 

i think that what are you trying to do. 我想你想做什么。

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM