Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why does strcpy trigger a segmentation fault with global variables?

Tags:

c

scope

pointers

character

segmentation-fault

So I've got some C code:

#include <stdio.h>
#include <string.h>

/* putting one of the "char*"s here causes a segfault */
void main() {
  char* path = "/temp";
  char* temp;
  strcpy(temp, path);
}

This compiles, runs, and behaves as it looks. However, if one or both of the character pointers is declared as global variable, strcpy results in a segmentation fault. Why does this happen? Evidently there's an error in my understanding of scope.

like image 511
codemonkey Avatar asked Sep 23 '08 18:09

codemonkey

People also ask

Why is strcpy giving segmentation fault?

a segmentation fault occurs when the program tries to write to a part of memory that the kernel does not allow access to. Your 2 char* pointers are not initialized and so could point to anywhere. then when you try to write to these pointer you will get a segmentation fault.

Which is better strcpy or strncpy?

The strncpy function is a safer version of strcpy to copy a string from a source to a destination buffer.

Does strcpy copy null terminator?

The strcpy() function copies string2, including the ending null character, to the location that is specified by string1. The strcpy() function operates on null-ended strings. The string arguments to the function should contain a null character (\0) that marks the end of the string.

Why is strncpy unsafe?

The strncpy() function is insecure because if the NULL character is not available in the first n characters in the source string then the destination string will not be NULL terminated. A program that demonstrates strncpy() in C++ is given as follows.

1 Answers

As other posters mentioned, the root of the problem is that temp is uninitialized. When declared as an automatic variable on the stack it will contain whatever garbage happens to be in that memory location. Apparently for the compiler+CPU+OS you are running, the garbage at that location is a valid pointer. The strcpy "succeeds" in that it does not segfault, but really it copied a string to some arbitrary location elsewhere in memory. This kind of memory corruption problem strikes fear into the hearts of C programmers everywhere as it is extraordinarily difficult to debug.

When you move the temp variable declaration to global scope, it is placed in the BSS section and automatically zeroed. Attempts to dereference *temp then result in a segfault.

When you move *path to global scope, then *temp moves up one location on the stack. The garbage at that location is apparently not a valid pointer, and so dereferencing *temp results in a segfault.

like image 168
DGentry Avatar answered Oct 13 '22 01:10

DGentry
Sign in to Comment

Related questions

negative integer number >> 31 = -1 not 1? [duplicate]
Adding signed and unsigned int
Printf was not declared in this scope
Multithreading using C on PIC18
Defining a Structure in C with Malloc
What are the differences between using pure C with a C compiler and the "C part" of a C++ compiler?
Difference between char* and char** (in C)
Why can't you access the address space of another process since Windows 95?
Comparing Same Float Values In C [duplicate]
Casting pointers on embedded devices
memmove implementation in C
Why is STDERR redirected to STDOUT
how to create two processes from a single Parent
Dividing with/without using floats in C [closed]
Is there a Windows IDE that can handle both C and Perl? [closed]
Write a program that sums the sequence of integers, as well as the smallest in the sequence
MIPS (or SPIM): Loading floating point numbers
Conversion of Char to Binary in C
How do I compile a Window API program using cl?
C programming. The FizzBuzz program [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!