Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

C strings confusion

Tags:

c

string

I'm learning C right now and got a bit confused with character arrays - strings.

char name[15]="Fortran";

No problem with this - its an array that can hold (up to?) 15 chars

char name[]="Fortran";

C counts the number of characters for me so I don't have to - neat!

char* name;

Okay. What now? All I know is that this can hold an big number of characters that are assigned later (e.g.: via user input), but

  • Why do they call this a char pointer? I know of pointers as references to variables
  • Is this an "excuse"? Does this find any other use than in char*?
  • What is this actually? Is it a pointer? How do you use it correctly?

thanks in advance, lamas

like image 684
lamas Avatar asked Jan 23 '10 22:01

lamas


2 Answers

I think this can be explained this way, since a picture is worth a thousand words...

We'll start off with char name[] = "Fortran", which is an array of chars, the length is known at compile time, 7 to be exact, right? Wrong! it is 8, since a '\0' is a nul terminating character, all strings have to have that.

char name[] = "Fortran";
+======+     +-+-+-+-+-+-+-+--+
|0x1234|     |F|o|r|t|r|a|n|\0|
+======+     +-+-+-+-+-+-+-+--+ 

At link time, the compiler and linker gave the symbol name a memory address of 0x1234. Using the subscript operator, i.e. name[1] for example, the compiler knows how to calculate where in memory is the character at offset, 0x1234 + 1 = 0x1235, and it is indeed 'o'. That is simple enough, furthermore, with the ANSI C standard, the size of a char data type is 1 byte, which can explain how the runtime can obtain the value of this semantic name[cnt++], assuming cnt is an integer and has a value of 3 for example, the runtime steps up by one automatically, and counting from zero, the value of the offset is 't'. This is simple so far so good.

What happens if name[12] was executed? Well, the code will either crash, or you will get garbage, since the boundary of the array is from index/offset 0 (0x1234) up to 8 (0x123B). Anything after that does not belong to name variable, that would be called a buffer overflow!

The address of name in memory is 0x1234, as in the example, if you were to do this:

printf("The address of name is %p\n", &name);

Output would be:
The address of name is 0x00001234

For the sake of brevity and keeping with the example, the memory addresses are 32bit, hence you see the extra 0's. Fair enough? Right, let's move on.

Now on to pointers... char *name is a pointer to type of char....

Edit: And we initialize it to NULL as shown Thanks Dan for pointing out the little error...

char *name = (char*)NULL;
+======+     +======+ 
|0x5678| ->  |0x0000|    ->    NULL
+======+     +======+ 

At compile/link time, the name does not point to anything, but has a compile/link time address for the symbol name (0x5678), in fact it is NULL, the pointer address of name is unknown hence 0x0000.

Now, remember, this is crucial, the address of the symbol is known at compile/link time, but the pointer address is unknown, when dealing with pointers of any type

Suppose we do this:

name = (char *)malloc((20 * sizeof(char)) + 1);
strcpy(name, "Fortran");

We called malloc to allocate a memory block for 20 bytes, no, it is not 21, the reason I added 1 on to the size is for the '\0' nul terminating character. Suppose at runtime, the address given was 0x9876,

char *name;
+======+     +======+          +-+-+-+-+-+-+-+--+
|0x5678| ->  |0x9876|    ->    |F|o|r|t|r|a|n|\0|
+======+     +======+          +-+-+-+-+-+-+-+--+

So when you do this:

printf("The address of name is %p\n", name);
printf("The address of name is %p\n", &name);

Output would be:
The address of name is 0x00005678
The address of name is 0x00009876

Now, this is where the illusion that 'arrays and pointers are the same comes into play here'

When we do this:

char ch = name[1];

What happens at runtime is this:

  1. The address of symbol name is looked up
  2. Fetch the memory address of that symbol, i.e. 0x5678.
  3. At that address, contains another address, a pointer address to memory and fetch it, i.e. 0x9876
  4. Get the offset based on the subscript value of 1 and add it onto the pointer address, i.e. 0x9877 to retrieve the value at that memory address, i.e. 'o' and is assigned to ch.

That above is crucial to understanding this distinction, the difference between arrays and pointers is how the runtime fetches the data, with pointers, there is an extra indirection of fetching.

Remember, an array of type T will always decay into a pointer of the first element of type T.

When we do this:

char ch = *(name + 5);
  1. The address of symbol name is looked up
  2. Fetch the memory address of that symbol, i.e. 0x5678.
  3. At that address, contains another address, a pointer address to memory and fetch it, i.e. 0x9876
  4. Get the offset based on the value of 5 and add it onto the pointer address, i.e. 0x987A to retrieve the value at that memory address, i.e. 'r' and is assigned to ch.

Incidentally, you can also do that to the array of chars also...

Further more, by using subscript operators in the context of an array i.e. char name[] = "..."; and name[subscript_value] is really the same as *(name + subscript_value). i.e.

name[3] is the same as *(name + 3)

And since the expression *(name + subscript_value) is commutative, that is in the reverse,

*(subscript_value + name) is the same as *(name + subscript_value)

Hence, this explains why in one of the answers above you can write it like this (despite it, the practice is not recommended even though it is quite legitimate!)

3[name]

Ok, how do I get the value of the pointer? That is what the * is used for, Suppose the pointer name has that pointer memory address of 0x9878, again, referring to the above example, this is how it is achieved:

char ch = *name;

This means, obtain the value that is pointed to by the memory address of 0x9878, now ch will have the value of 'r'. This is called dereferencing. We just dereferenced a name pointer to obtain the value and assign it to ch.

Also, the compiler knows that a sizeof(char) is 1, hence you can do pointer increment/decrement operations like this

*name++;
*name--;

The pointer automatically steps up/down as a result by one.

When we do this, assuming the pointer memory address of 0x9878:

char ch = *name++;

What is the value of *name and what is the address, the answer is, the *name will now contain 't' and assign it to ch, and the pointer memory address is 0x9879.

This where you have to be careful also, in the same principle and spirit as to what was stated earlier in relation to the memory boundaries in the very first part (see 'What happens if name[12] was executed' in the above) the results will be the same, i.e. code crashes and burns!

Now, what happens if we deallocate the block of memory pointed to by name by calling the C function free with name as the parameter, i.e. free(name):

+======+     +======+ 
|0x5678| ->  |0x0000|    ->    NULL
+======+     +======+ 

Yes, the block of memory is freed up and handed back to the runtime environment for use by another upcoming code execution of malloc.

Now, this is where the common notation of Segmentation fault comes into play, since name does not point to anything, what happens when we dereference it i.e.

char ch = *name;

Yes, the code will crash and burn with a 'Segmentation fault', this is common under Unix/Linux. Under windows, a dialog box will appear along the lines of 'Unrecoverable error' or 'An error has occurred with the application, do you wish to send the report to Microsoft?'....if the pointer has not been mallocd and any attempt to dereference it, is guaranteed to crash and burn.

Also: remember this, for every malloc there is a corresponding free, if there is no corresponding free, you have a memory leak in which memory is allocated but not freed up.

And there you have it, that is how pointers work and how arrays are different to pointers, if you are reading a textbook that says they are the same, tear out that page and rip it up! :)

I hope this is of help to you in understanding pointers.

like image 164
t0mm13b Avatar answered Sep 22 '22 13:09

t0mm13b


That is a pointer. Which means it is a variable that holds an address in memory. It "points" to another variable.

It actually cannot - by itself - hold large amounts of characters. By itself, it can hold only one address in memory. If you assign characters to it at creation it will allocate space for those characters, and then point to that address. You can do it like this:

char* name = "Mr. Anderson";

That is actually pretty much the same as this:

char name[] = "Mr. Anderson";

The place where character pointers come in handy is dynamic memory. You can assign a string of any length to a char pointer at any time in the program by doing something like this:

char *name;
name = malloc(256*sizeof(char));
strcpy(name, "This is less than 256 characters, so this is fine.");

Alternately, you can assign to it using the strdup() function, like this:

char *name;
name = strdup("This can be as long or short as I want.  The function will allocate enough space for the string and assign return a pointer to it.  Which then gets assigned to name");

If you use a character pointer this way - and assign memory to it, you have to free the memory contained in name before reassigning it. Like this:

if(name)
    free(name);
name = 0;

Make sure to check that name is, in fact, a valid point before trying to free its memory. That's what the if statement does.

The reason you see character pointers get used a whole lot in C is because they allow you to reassign the string with a string of a different size. Static character arrays don't do that. They're also easier to pass around.

Also, character pointers are handy because they can be used to point to different statically allocated character arrays. Like this:

char *name;

char joe[] = "joe";
char bob[] = "bob";

name = joe;

printf("%s", name);

name = bob;
printf("%s", name);

This is what often happens when you pass a statically allocated array to a function taking a character pointer. For instance:

void strcpy(char *str1, char *str2);

If you then pass that:

char buffer[256];
strcpy(buffer, "This is a string, less than 256 characters.");

It will manipulate both of those through str1 and str2 which are just pointers that point to where buffer and the string literal are stored in memory.

Something to keep in mind when working in a function. If you have a function that returns a character pointer, don't return a pointer to a static character array allocated in the function. It will go out of scope and you'll have issues. Repeat, don't do this:

char *myFunc() {
    char myBuf[64];
    strcpy(myBuf, "hi");
    return myBuf;
}

That won't work. You have to use a pointer and allocate memory (like shown earlier) in that case. The memory allocated will persist then, even when you pass out of the functions scope. Just don't forget to free it as previously mentioned.

This ended up a bit more encyclopedic than I'd intended, hope its helpful.

Editted to remove C++ code. I mix the two so often, I sometimes forget.

like image 20
Daniel Bingham Avatar answered Sep 19 '22 13:09

Daniel Bingham