malloc and free issue

Question

So I have this piece of code, I run it a couple of times:

void svnViewStatus()
{
    FILE *file;
    int i, j, k, q=0, ok;
    char mystring[100000], *vect[100000], *var, last[12], first[12];
    file = fopen("db_svnViewStatus.txt", "r");
    if(file == NULL)
    {
        printf("error");
    }
    else
    {
        i=1;
        while(fgets(mystring, 100000, file))
        {
            if( i > 1) 
            {
                j=1;
                var = strtok(mystring, ";");
                while(var != NULL)
                {
                    if(j==3)
                    {
                        if(i == 2)
                        {
                            strcpy(first, var);
                        }
                        strcpy(last, var);
                    }
                    if(j == 2)
                    {
                        if(q != 0)
                        {
                            ok=1;
                            for(k=0; k<q; k=k+2)
                            {
                                if(strcmp(vect[k], var) == 0)
                                {
                                    *vect[k+1]++;
                                    ok=0;
                                }
                            }
                            if(ok == 1)
                            {
                                vect[q] = malloc(strlen(var)+1);
                                strcpy(vect[q], var);
                                vect[q+1] = malloc(sizeof(int));
                                *vect[q+1] = 1;
                                q = q+2;
                            }
                        }
                        else
                        {
                            vect[q] = malloc(strlen(var)+1);
                            strcpy(vect[q], var);
                            vect[q+1] = malloc(sizeof(int));
                            *vect[q+1] = 1;
                            q = q+2;
                        }
                    }
                    j++;
                    var = strtok(NULL, ";");
                }
            }
            i++;
        }
    }
    fclose(file);
    printf("nr: %d \n", i-2);
    printf("first: %s \n", first);
    printf("last: %s \n", last);
    for(i=0; i<q; i = i+2)
    {
        printf("User %s: %d \n", *vect[i], *vect[i+1]);
    }
    for(i=0; i<q; i=i+1)
    {
         free(vect[i]);
    }

}

and in the db_svnViewStatus.db I have:

NumeRepo:CitateWoodyAllen;DataCreat:12 Nov 2011;Detinator:Ioana;Descriere:Citate ale faimosului regizor Woody Allen
1;Ioana;12 Nov 2011;Woody Allen;What if everything is an illusion and nothing exists? In that case, I definitely overpaid for my carpet.
2;Mihai;12 Nov 2011;Woody Allen;The lion and the calf shall lie down together but the calf won't get much sleep
3;Mihai;13 Nov 2011;Woody Allen;Eighty percent of success is showing up
4;Cristi;23 Nov 2011;Woody Allen;It is impossible to travel faster than the speed of light, and certainly not desirable, as one's hat keeps blowing off
5;Ioana;25 Nov 2011;Woody Allen;I had a terrible education. I attended a school for emotionally disturbed teachers.
6;Cristi;25 Nov 2011;Woody Allen;I will not eat oysters. I want my food dead. Not sick. Not wounded. Dead.

But I get this:

"HEAP CORRUPTION DETECTED: after Normal block (#54) at 0x000032E90. CRT detected that the application wrote to memory after end of heap buffer."

Any help?

Also, should I use free after I allocate memory? Why?

Answer 1

You should allocate memory for terminating zero, like this:

vect[q] = malloc(strlen(var)+1);

If you fail to allocate an extra byte, strcpy will write past the end of the allocated block, causing heap corruption.