Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why does "malloc(): corrupted top size" error get fixed when I have printf() before/after it?

Tags:

c

pointers

malloc

Given an absolute path I am trying to get the part that comes after a certain directory. getTargetPath function does that and when I compile and run the code below, the code gives me the expected output.

The problem is when I remove the printf("\n") before the line with malloc in main, I get:

malloc(): corrupted top size
Aborted (core dumped)

So when I put a printf("\n") before or after the line with malloc the code seems to work fine but when I remove it, I get the error above.

My question is, why does this happen? I am not asking for a solution to my problem with the path string. I just want to learn what causes this behavior.

#include <stdio.h>
#include <string.h>
#include <stdlib.h>


const char* getTargetPath(const char* source)
{
    int count = 0;
    int i = 0;

    while(*source)
    {
        if (*source == '/')
        {
            ++count;
            if (count == 4)
            {
                break;
            }
        }
        ++source;
    }

    return source;
}


int main()
{
    const char* backup_path = "/home/ofy/real_2";
    char temp1[] = "/home/dir1/dir2/dir3/dir4/dir5";
    const char* s1 = temp1;

    const char* s2 = getTargetPath(s1);

    printf("\n");
    char* full_path = (char*)malloc(strlen(backup_path) * sizeof(char));

    strcpy(full_path, backup_path);
    strcat(full_path, s2);

    printf("%s\n", full_path);

    return 0;
}
like image 774
OmerFY Avatar asked Jul 02 '19 15:07

OmerFY

1 Answers

You're not allocating enough space for full_path:

char* full_path = (char*)malloc(strlen(backup_path) * sizeof(char));

It needs to be at least as long as backup_path and s2, plus 1 for the terminating null byte, but you only have enough for backup_path. This results in you writing past the end of allocated memory which invokes undefined behavior.

With undefined behavior, you can't predict what your program will do. It could crash, it could output strange results, or it can appear to work properly. Also, making a seemingly unrelated code change can change how UB manifests itself. This is exactly what you saw when you removed the printf call. With the printf the program "worked" while without it the program crashed.

To allocate the proper amount of space:

char* full_path = (char*)malloc(strlen(backup_path) + strlen(s2) + 1);
like image 79
dbush Avatar answered Nov 03 '22 23:11

dbush
Sign in to Comment

Related questions

Hibernate throwing validation exception "wrong column type encountered in column" even when my DDL script and JPA entity are in sync
Private Cocapods repo in devops Pipelines
When / how is the Room schema file being generated?
Best way to verify an mp3 file with python
What relation is there between Angular's <ng-content> and ShadowDOM
Place multiple stop exit orders for single entry
Azure Stream Analytics. Pricing
Unable to determine the desired template from the input template name: blazorserverside
React Lazy loaded component loosing it's state (gets unmounted)
How to slice a pandas MultiIndex df keeping all values until a certain condition is met?
Laravel nova action - get current model instance on fields()
Laravel delete job once it fails

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!