Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Unsafe conversion

Tags:

c

type-conversion

pointers

type-safety

Is the following conversion safe?

int b[10][10];
char *x;
int a[]={0,1,2,3,4,5,6,7,8,9};

for(int i=0;i<10;i++)
  for(int j=0;j<10;j++)
    b[i][j]=a[i];

for(x=(char *)&b[0];x<=(char *)&b[9][9];x+=sizeof(a+1)) // Problem lies here!
    printf("%d\n",*x);

I don't think the above conversion in the for loop is safe (I think it is platform dependent). Please correct me if I am wrong. I am surprised because the code compiles without giving any warnings even when compiled using the -Wall -pedantic options in gcc.

like image 319
Prasoon Saurav Avatar asked Feb 06 '10 02:02

Prasoon Saurav

1 Answers

This whole thing has a chance of being legal for one and only one reason: the 2D int array object is reinterpreted as an array of char objects. While in general case memory reinterpretation leads to undefined behavior, the language specification explicitly allows "array of [signed/unsigned] char" reinterpretations for objects of any type.

However, one formal safety problem is still there. The language does not guarantee that any bit pattern is a valid value of char type. Your attempt to read reinterpreted memory through char type can theoretically cause undefined behavior if it encounters trap representation for char. In order to be safe here you have to use the unsigned char type, which is the only type that has no trap representations. Of course, a platform with a trapping char can be safely called "exotic".

Meanwhile, your sizeof(a + 1) doesn't seem to make any sense. a + 1 is an expression of int * type. Why you'd want to use the pointer size to increment your x value in this case is not clear to me. What were you trying to achieve?

As for the absence of warnings... I wouldn't expect the compiler to issue any warnings here. GCC often warns about type-punning (aka memory reinterpretation), but since char reinterpretations are explicitly allowed (as I said above), there's no warning here. Moreover, explicit casts usually tend to suppress any warnings, since they are a way of telling the compiler that you do actually want to do something regardless of how wrong and/or dangerous it might be.

like image 52
AnT Avatar answered Sep 22 '22 13:09

AnT
Sign in to Comment

Related questions

RDMS for C language newbie? [closed]
Cross-platform editor control [closed]
Cancel libcurl easy handle
C : how pthread dataspecific works?
calling a callback from a thread using function pointers
C: How long can a double be when printed through printf()
using unions in function parameters
How to change the color of a textual cue when sending an EM_SETCUEBANNER Message?
Querying MX record in C linux
Tool for program statistics
Adding missing NULL checks after malloc with coccinelle
_setmaxstdio max open files is 2048 only?
Using Sparse to check C code
sem_timedwait not supported properly on RedHat Enterprise Linux 5.3 onwards?
What is the fastest semi-arbitrary precision math library? [closed]
Converting double to float without relying on the FPU rounding mode
how do I print a binary double array from commandline (unix)
Is it correct C99 that you don't need to specify arguments in function pointer declarations in structs?
Seeking tool to graphically show (header) file dependancies in C/C++ [closed]
What algorithms are available to resize a hash table?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!