Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

C++ char array null terminator location

I am a student learning C++, and I am trying to understand how null-terminated character arrays work. Suppose I define a char array like so:

char* str1 = "hello world";

As expected, strlen(str1) is equal to 11, and it is null-terminated.

Where does C++ put the null terminator, if all 11 elements of the above char array are filled with the characters "hello world"? Is it actually allocating an array of length 12 instead of 11, with the 12th character being '\0'? CPlusPlus.com seems to suggest that one of the 11 would need to be '\0', unless it is indeed allocating 12.

Suppose I do the following:

// Create a new char array
char* str2 = (char*) malloc( strlen(str1) );

// Copy the first one to the second one
strncpy( str2, str1, strlen(str1) );

// Output the second one
cout << "Str2: " << str2 << endl;

This outputs Str2: hello worldatcomY╗°g♠↕, which I assume is C++ reading the memory at the location pointed to by the pointer char* str2 until it encounters what it interprets to be a null character.

However, if I then do this:

// Null-terminate the second one
str2[strlen(str1)] = '\0';

// Output the second one again
cout << "Terminated Str2: " << str2 << endl;

It outputs Terminated Str2: hello world as expected.

But doesn't writing to str2[11] imply that we are writing outside of the allocated memory space of str2, since str2[11] is the 12th byte, but we only allocated 11 bytes?

Running this code does not seem to cause any compiler warnings or run-time errors. Is this safe to do in practice? Would it be better to use malloc( strlen(str1) + 1 ) instead of malloc( strlen(str1) )?

like image 361
John Mahoney Avatar asked Apr 06 '12 23:04

John Mahoney


People also ask

Are char arrays null terminated in C?

A C-style string is a null (denoted by \0 ) terminated char array. The null occurs after the last character of the string. For an initialization using double quotes, "...", the compiler will insert the null .

Do char arrays have null terminator?

There isn't a character that is reserved, so you must be careful not to fill the entire array to the point it can't be null terminated. Char functions rely on the null terminator, and you will get disastrous results from them if you find yourself in the situation you describe.

Are all char * null terminated?

char arrays are not automatically NULL terminated, only string literals, e.g. char *myArr = "string literal"; , and some string char pointers returned from stdlib string methods.

How does the court finds the end of a character array?

The \0 character marks the end of the string stored in a char array, if (and only if) that char array is intended to store a string. A char array is just a char array. It stores independent integer values ( char is just a small integer type).


3 Answers

In the case of a string literal the compiler is actually reserving an extra char element for the \0 element.

// Create a new char array
char* str2 = (char*) malloc( strlen(str1) );

This is a common mistake new C programmers make. When allocating the storage for a char* you need to allocate the number of characters + 1 more to store the \0. Not allocating the extra storage here means this line is also illegal

// Null-terminate the second one
str2[strlen(str1)] = '\0';

Here you're actually writing past the end of the memory you allocated. When allocating X elements the last legal byte you can access is the memory address offset by X - 1. Writing to the X element causes undefined behavior. It will often work but is a ticking time bomb.

The proper way to write this is as follows

size_t size = strlen(str1) + sizeof(char);
char* str2 = (char*) malloc(size);
strncpy( str2, str1, size);

// Output the second one
cout << "Str2: " << str2 << endl;

In this example the str2[size - 1] = '\0' isn't actually needed. The strncpy function will fill all extra spaces with the null terminator. Here there are only size - 1 elements in str1 so the final element in the array is unneeded and will be filled with \0

like image 144
JaredPar Avatar answered Oct 02 '22 06:10

JaredPar


Is it actually allocating an array of length 12 instead of 11, with the 12th character being '\0'?

Yes.

But doesn't writing to str2[11] imply that we are writing outside of the allocated memory space of str2, since str2[11] is the 12th byte, but we only allocated 11 bytes?

Yes.

Would it be better to use malloc( strlen(str1) + 1 ) instead of malloc( strlen(str1) )?

Yes, because the second form is not long enough to copy the string into.

Running this code does not seem to cause any compiler warnings or run-time errors.

Detecting this in all but the simplest cases is a very difficult problem. So the compiler authors simply don't bother.


This sort of complexity is exactly why you should be using std::string rather than raw C-style strings if you are writing C++. It's as simple as this:

std::string str1 = "hello world";
std::string str2 = str1;
like image 5
Oliver Charlesworth Avatar answered Oct 02 '22 06:10

Oliver Charlesworth


The literal "hello world" is a char array that looks like:

{ 'h', 'e', 'l', 'l', 'o', ' ', 'w', 'o', 'r', 'l', 'd', '\0' }

So, yes, the literal is 12 chars in size.

Also, malloc( strlen(str1) ) is allocating memory for 1 less byte than is needed, since strlen returns the length of the string, not including the NUL terminator. Writing to str[strlen(str1)] is writing 1 byte past the amount of memory that you've allocated.

Your compiler won't tell you that, but if you run your program through valgrind or a similar program available on your system it'll tell you if you're accessing memory you shouldn't be.

like image 3
AusCBloke Avatar answered Oct 02 '22 07:10

AusCBloke