C字符串混乱

Question

I'm learning C right now and got a bit confused with character arrays - strings.

char name[15]="Fortran";

No problem with this - its an array that can hold (up to?) 15 chars

char name[]="Fortran";

C counts the number of characters for me so I don't have to - neat!

char* name;

Okay. What now? All I know is that this can hold an big number of characters that are assigned later (eg: via user input), but

• Why do they call this a char pointer? I know of pointers as references to variables
• Is this an "excuse"? Does this find any other use than in char*?
• What is this actually? Is it a pointer? How do you use it correctly?

thanks in advance, lamas

Answer 1

I think this can be explained this way, since a picture is worth a thousand words...

We'll start off with char name[] = "Fortran" , which is an array of chars, the length is known at compile time, 7 to be exact, right? Wrong! it is 8, since a '\\0' is a nul terminating character, all strings have to have that.

char name[] = "Fortran";
+======+     +-+-+-+-+-+-+-+--+
|0x1234|     |F|o|r|t|r|a|n|\0|
+======+     +-+-+-+-+-+-+-+--+

At link time, the compiler and linker gave the symbol name a memory address of 0x1234. Using the subscript operator, ie name[1] for example, the compiler knows how to calculate where in memory is the character at offset, 0x1234 + 1 = 0x1235, and it is indeed 'o'. That is simple enough, furthermore, with the ANSI C standard, the size of a char data type is 1 byte, which can explain how the runtime can obtain the value of this semantic name[cnt++] , assuming cnt is an int eger and has a value of 3 for example, the runtime steps up by one automatically, and counting from zero, the value of the offset is 't'. This is simple so far so good.

What happens if name[12] was executed? Well, the code will either crash, or you will get garbage, since the boundary of the array is from index/offset 0 (0x1234) up to 8 (0x123B). Anything after that does not belong to name variable, that would be called a buffer overflow!

The address of name in memory is 0x1234, as in the example, if you were to do this:

printf("The address of name is %p\n", &name);

Output would be:
The address of name is 0x00001234

For the sake of brevity and keeping with the example, the memory addresses are 32bit, hence you see the extra 0's. Fair enough? Right, let's move on.

Now on to pointers... char *name is a pointer to type of char ....

Edit: And we initialize it to NULL as shown Thanks Dan for pointing out the little error...

char *name = (char*)NULL;
+======+     +======+ 
|0x5678| ->  |0x0000|    ->    NULL
+======+     +======+

At compile/link time, the name does not point to anything, but has a compile/link time address for the symbol name (0x5678), in fact it is NULL , the pointer address of name is unknown hence 0x0000.

Now, remember , this is crucial, the address of the symbol is known at compile/link time, but the pointer address is unknown, when dealing with pointers of any type

Suppose we do this:

name = (char *)malloc((20 * sizeof(char)) + 1);
strcpy(name, "Fortran");

We called malloc to allocate a memory block for 20 bytes, no, it is not 21, the reason I added 1 on to the size is for the '\\0' nul terminating character. Suppose at runtime, the address given was 0x9876,

char *name;
+======+     +======+          +-+-+-+-+-+-+-+--+
|0x5678| ->  |0x9876|    ->    |F|o|r|t|r|a|n|\0|
+======+     +======+          +-+-+-+-+-+-+-+--+

So when you do this:

printf("The address of name is %p\n", name);
printf("The address of name is %p\n", &name);

Output would be:
The address of name is 0x00005678
The address of name is 0x00009876

Now, this is where the illusion that ' arrays and pointers are the same comes into play here '

When we do this:

char ch = name[1];

What happens at runtime is this:

1. The address of symbol name is looked up
2. Fetch the memory address of that symbol, ie 0x5678.
3. At that address, contains another address, a pointer address to memory and fetch it, ie 0x9876
4. Get the offset based on the subscript value of 1 and add it onto the pointer address, ie 0x9877 to retrieve the value at that memory address, ie 'o' and is assigned to ch .

That above is crucial to understanding this distinction, the difference between arrays and pointers is how the runtime fetches the data, with pointers, there is an extra indirection of fetching.

Remember , an array of type T will always decay into a pointer of the first element of type T .

When we do this:

char ch = *(name + 5);

1. The address of symbol name is looked up
2. Fetch the memory address of that symbol, ie 0x5678.
3. At that address, contains another address, a pointer address to memory and fetch it, ie 0x9876
4. Get the offset based on the value of 5 and add it onto the pointer address, ie 0x987A to retrieve the value at that memory address, ie 'r' and is assigned to ch .

Incidentally, you can also do that to the array of chars also...

Further more, by using subscript operators in the context of an array ie char name[] = "..."; and name[subscript_value] is really the same as *(name + subscript_value). ie

name[3] is the same as *(name + 3)

And since the expression *(name + subscript_value) is commutative , that is in the reverse,

*(subscript_value + name) is the same as *(name + subscript_value)

Hence, this explains why in one of the answers above you can write it like this ( despite it, the practice is not recommended even though it is quite legitimate! )

3[name]

Ok, how do I get the value of the pointer? That is what the * is used for, Suppose the pointer name has that pointer memory address of 0x9878, again, referring to the above example, this is how it is achieved:

char ch = *name;

This means, obtain the value that is pointed to by the memory address of 0x9878, now ch will have the value of 'r'. This is called dereferencing. We just dereferenced a name pointer to obtain the value and assign it to ch .

Also, the compiler knows that a sizeof(char) is 1, hence you can do pointer increment/decrement operations like this

*name++;
*name--;

The pointer automatically steps up/down as a result by one.

When we do this, assuming the pointer memory address of 0x9878:

char ch = *name++;

What is the value of *name and what is the address, the answer is, the *name will now contain 't' and assign it to ch , and the pointer memory address is 0x9879.

This where you have to be careful also, in the same principle and spirit as to what was stated earlier in relation to the memory boundaries in the very first part (see 'What happens if name[12] was executed' in the above) the results will be the same, ie code crashes and burns!

Now, what happens if we deallocate the block of memory pointed to by name by calling the C function free with name as the parameter, ie free(name) :

+======+     +======+ 
|0x5678| ->  |0x0000|    ->    NULL
+======+     +======+

Yes, the block of memory is freed up and handed back to the runtime environment for use by another upcoming code execution of malloc .

Now, this is where the common notation of Segmentation fault comes into play, since name does not point to anything, what happens when we dereference it ie

char ch = *name;

Yes, the code will crash and burn with a 'Segmentation fault', this is common under Unix/Linux. Under windows, a dialog box will appear along the lines of 'Unrecoverable error' or 'An error has occurred with the application, do you wish to send the report to Microsoft?'....if the pointer has not been malloc d and any attempt to dereference it, is guaranteed to crash and burn.

Also: remember this, for every malloc there is a corresponding free , if there is no corresponding free , you have a memory leak in which memory is allocated but not freed up.

And there you have it, that is how pointers work and how arrays are different to pointers, if you are reading a textbook that says they are the same, tear out that page and rip it up! :)

I hope this is of help to you in understanding pointers.

Answer 2

That is a pointer. Which means it is a variable that holds an address in memory. It "points" to another variable.

It actually cannot - by itself - hold large amounts of characters. By itself, it can hold only one address in memory. If you assign characters to it at creation it will allocate space for those characters, and then point to that address. You can do it like this:

char* name = "Mr. Anderson";

That is actually pretty much the same as this:

char name[] = "Mr. Anderson";

The place where character pointers come in handy is dynamic memory. You can assign a string of any length to a char pointer at any time in the program by doing something like this:

char *name;
name = malloc(256*sizeof(char));
strcpy(name, "This is less than 256 characters, so this is fine.");

Alternately, you can assign to it using the strdup() function, like this:

char *name;
name = strdup("This can be as long or short as I want.  The function will allocate enough space for the string and assign return a pointer to it.  Which then gets assigned to name");

If you use a character pointer this way - and assign memory to it, you have to free the memory contained in name before reassigning it. Like this:

if(name)
    free(name);
name = 0;

Make sure to check that name is, in fact, a valid point before trying to free its memory. That's what the if statement does.

The reason you see character pointers get used a whole lot in C is because they allow you to reassign the string with a string of a different size. Static character arrays don't do that. They're also easier to pass around.

Also, character pointers are handy because they can be used to point to different statically allocated character arrays. Like this:

char *name;

char joe[] = "joe";
char bob[] = "bob";

name = joe;

printf("%s", name);

name = bob;
printf("%s", name);

This is what often happens when you pass a statically allocated array to a function taking a character pointer. For instance:

void strcpy(char *str1, char *str2);

If you then pass that:

char buffer[256];
strcpy(buffer, "This is a string, less than 256 characters.");

It will manipulate both of those through str1 and str2 which are just pointers that point to where buffer and the string literal are stored in memory.

Something to keep in mind when working in a function. If you have a function that returns a character pointer, don't return a pointer to a static character array allocated in the function. It will go out of scope and you'll have issues. Repeat, don't do this:

char *myFunc() {
    char myBuf[64];
    strcpy(myBuf, "hi");
    return myBuf;
}

That won't work. You have to use a pointer and allocate memory (like shown earlier) in that case. The memory allocated will persist then, even when you pass out of the functions scope. Just don't forget to free it as previously mentioned.

This ended up a bit more encyclopedic than I'd intended, hope its helpful.

Editted to remove C++ code. I mix the two so often, I sometimes forget.

Answer 3

char* name is just a pointer. Somewhere along the line memory has to be allocated and the address of that memory stored in name .

• It could point to a single byte of memory and be a "true" pointer to a single char.
• It could point to a contiguous area of memory which holds a number of characters.
• If those characters happen to end with a null terminator, low and behold you have a pointer to a string.

Answer 4

In C a string is actually just an array of characters, as you can see by the definition. However, superficially, any array is just a pointer to its first element, see below for the subtle intricacies. There is no range checking in C, the range you supply in the variable declaration has only meaning for the memory allocation for the variable.

a[x] is the same as *(a + x) , ie dereference of the pointer a incremented by x.

if you used the following:

char foo[] = "foobar";
char bar = *foo;

bar will be set to 'f'

To stave of confusion and avoid misleading people, some extra words on the more intricate difference between pointers and arrays, thanks avakar:

In some cases a pointer is actually semantically different from an array, a (non-exhaustive) list of examples:

//sizeof
sizeof(char*) != sizeof(char[10])

//lvalues
char foo[] = "foobar";
char bar[] = "baz";
char* p;
foo = bar; // compile error, array is not an lvalue
p = bar; //just fine p now points to the array contents of bar

// multidimensional arrays
int baz[2][2];
int* q = baz; //compile error, multidimensional arrays can not decay into pointer
int* r = baz[0]; //just fine, r now points to the first element of the first "row" of baz
int x = baz[1][1];
int y = r[1][1]; //compile error, don't know dimensions of array, so subscripting is not possible
int z = r[1]: //just fine, z now holds the second element of the first "row" of baz

And finally a fun bit of trivia; since a[x] is equivalent to *(a + x) you can actually use eg '3[a]' to access the fourth element of array a. Ie the following is perfectly legal code, and will print 'b' the fourth character of string foo.

#include <stdio.h>

int main(int argc, char** argv) {
  char foo[] = "foobar";

  printf("%c\n", 3[foo]);

  return 0;
}

Answer 5

char *name , on it's own, can't hold any characters . This is important.

char *name just declares that name is a pointer (that is, a variable whose value is an address) that will be used to store the address of one or more characters at some point later in the program. It does not, however, allocate any space in memory to actually hold those characters, nor does it guarantee that name even contains a valid address. In the same way, if you have a declaration like int number there is no way to know what the value of number is until you explicitly set it.

Just like after declaring the value of an integer, you might later set its value ( number = 42 ), after declaring a pointer to char, you might later set its value to be a valid memory address that contains a character -- or sequence of characters -- that you are interested in.

Answer 6

It is confusing indeed. The important thing to understand and distinguish is that char name[] declares array and char* name declares pointer. The two are different animals.

However, array in C can be implicitly converted to pointer to its first element. This gives you ability to perform pointer arithmetic and iterate through array elements (it does not matter elements of what type, char or not). As @which mentioned, you can use both, indexing operator or pointer arithmetic to access array elements. In fact, indexing operator is just a syntactic sugar (another representation of the same expression) for pointer arithmetic.

It is important to distinguish difference between array and pointer to first element of array. It is possible to query size of array declared as char name[15] using sizeof operator:

char name[15] = { 0 };
size_t s = sizeof(name);
assert(s == 15);

but if you apply sizeof to char* name you will get size of pointer on your platform (ie 4 bytes):

char* name = 0;
size_t s = sizeof(name);
assert(s == 4); // assuming pointer is 4-bytes long on your compiler/machine

Also, the two forms of definitions of arrays of char elements are equivalent:

char letters1[5] = { 'a', 'b', 'c', 'd', '\0' };
char letters2[5] = "abcd"; /* 5th element implicitly gets value of 0 */

The dual nature of arrays, the implicit conversion of array to pointer to its first element, in C (and also C++) language, pointer can be used as iterator to walk through array elements:

/ *skip to 'd' letter */
char* it = letters1;
for (int i = 0; i < 3; i++)
    it++;

Answer 7

One is an actual array object and the other is a reference or pointer to such an array object.

The thing that can be confusing is that both have the address of the first character in them, but only because one address is the first character and the other address is a word in memory that contains the address of the character.

The difference can be seen in the value of &name . In the first two cases it is the same value as just name , but in the third case it is a different type called pointer to pointer to char , or **char , and it is the address of the pointer itself. That is, it is a double-indirect pointer.

#include <stdio.h>

char name1[] = "fortran";
char *name2 = "fortran";

int main(void) {
    printf("%lx\n%lx %s\n", (long)name1, (long)&name1, name1);
    printf("%lx\n%lx %s\n", (long)name2, (long)&name2, name2);
    return 0;
}
Ross-Harveys-MacBook-Pro:so ross$ ./a.out
100001068
100001068 fortran
100000f58
100001070 fortran