I have been investigating a piece of code that deals with buffers, and there
is a real possibility that after a convoluted algorithm to determine the
length of the desired buffer is executed, the application could attempt to
allocate a buffer of zero size!
Could you tell me the effects of the following piece of code?
#include <iostream>
#include <stdio.h>
using namespace std;
int main(int argc, char** argv)
{
char* ptr0 = new (char([0]));     // zero-length array: the allocation is legal and the pointer non-null, but it holds no bytes
char* ptr100 = new (char([100])); // 100-byte array
cout << "ptr100 [" << ptr100 << "] ptr0 [" << ptr0 << "]" << endl;
sprintf(ptr100, "this is ptr100");
cout << "ptr100 " << ptr100 << endl;
sprintf(ptr0, "this is ptr0");   // writes 13 bytes (12 chars + NUL) into a 0-byte buffer: heap overflow, undefined behaviour
cout << "ptr0 " << ptr0 << endl;
printf("ptr100 [%p] ptr0 [%p]\n", ptr100, ptr0);
return(0);
}
This is the output of the application
ptr100 [] ptr0 []
ptr100 this is ptr100
ptr0 this is ptr0
ptr100 [0x804a018] ptr0 [0x804a008]
Pep wrote: I have been investigating a piece of code that deals with buffers and have the real possibility that after a convoluted algorithm to determine the length of the desired buffer is executed, the application could attempt to allocate a buffer of zero size!
This thread deals with the topic in more detail: http://groups.google.com/group/comp....ed9ac5334ae733
In short, assuming new does not throw an exception (which it could even
with zero size), a zero-sized array is valid and must be deleted(!) but
dereferencing the returned pointer is undefined.
Could you tell me the effects of the following piece of code?
#include <iostream>
#include <stdio.h>
using namespace std;
int main(int argc, char** argv)
{
char* ptr0 = new (char([0]));
char* ptr100 = new (char([100]));
What's with all those parentheses? You could reduce clutter and improve
readability like this:
char* ptr0 = new char[0];
char* ptr100 = new char[100];
cout << "ptr100 [" << ptr100 << "] ptr0 [" << ptr0 << "]" << endl;
sprintf(ptr100, "this is ptr100");
cout << "ptr100 " << ptr100 << endl;
sprintf(ptr0, "this is ptr0");
^^^^^^
The program is valid except for this line, which implicitly
dereferences ptr0. If it didn't crash, you were lucky. You have
certainly overflowed the buffer, corrupting who knows what, and since
ptr0 is zero-sized, the behavior is undefined.
cout << "ptr0 " << ptr0 << endl;
printf("ptr100 [%p] ptr0 [%p]\n", ptr100, ptr0);
return(0);
}
This is the output of the application
ptr100 [] ptr0 []
ptr100 this is ptr100
ptr0 this is ptr0
ptr100 [0x804a018] ptr0 [0x804a008]
Also, I'd note that you didn't delete the pointers, but since the
program is exiting, that may be irrelevant in practice.
Cheers! --M
mlimber wrote: Pep wrote: I have been investigating a piece of code that deals with buffers and have the real possibility that after a convoluted algorithm to determine the length of the desired buffer is executed, the application could attempt to allocate a buffer of zero size! This thread deals with the topic in more detail:
http://groups.google.com/group/comp....ed9ac5334ae733 In short, assuming new does not throw an exception (which it could even with zero size), a zero-sized array is valid and must be deleted(!) but dereferencing the returned pointer is undefined.
So having read the included url and your summary, I understand that I can
end up with a valid non-null pointer for a zero sized array that is
actually invalid if dereferenced!
Could you tell me the effects of the following piece of code?
#include <iostream>
#include <stdio.h>
using namespace std;
int main(int argc, char** argv)
{
char* ptr0 = new (char([0]));
char* ptr100 = new (char([100]));
What's with all those parentheses? You could reduce clutter and improve readability like this:
I have lifted this line of code verbatim from an old working application.
char* ptr0 = new char[0];
char* ptr100 = new char[100];
cout << "ptr100 [" << ptr100 << "] ptr0 [" << ptr0 << "]" << endl;
sprintf(ptr100, "this is ptr100");
cout << "ptr100 " << ptr100 << endl;
sprintf(ptr0, "this is ptr0");
^^^^^^
The program is valid except for this line, which implicitly dereferences ptr0. If it didn't crash, you were lucky. You have certainly overflowed the buffer, corrupting who knows what, and since ptr0 is zero-sized, the behavior is undefined.
I thought that was the case, but having received a valid pointer back from
the new operator I thought I would explore the effects a little bit more.
In point of note, the application did not crash in either FreeBSD using G++
2.95.4 or Linux using g++ 3.3.5.
cout << "ptr0 " << ptr0 << endl;
printf("ptr100 [%p] ptr0 [%p]\n", ptr100, ptr0);
return(0);
}
This is the output of the application
ptr100 [] ptr0 []
ptr100 this is ptr100
ptr0 this is ptr0
ptr100 [0x804a018] ptr0 [0x804a008]
Also, I'd note that you didn't delete the pointers, but since the program is exiting, that may be irrelevant in practice.
Cheers! --M
True, I did not delete the pointers, which is sloppy, and I will not use the
fact that it is a test application as an excuse :)
BTW, this is a real world problem as opposed to a student question so I
appreciate your input. I will now change the existing program to guard
against 0 size array allocations.
Also the actual program in question uses the incorrect delete operator
instead of the delete[] operator to dispose of the arrays which I am
amending :(
Cheers,
Pep.
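As an added example (not code from the thread, and not Pep's program), this pulls together the three points the exchange above settles: a zero-length new[] returns a distinct non-null pointer that must not be dereferenced, the write into the buffer has to be refused when the computed length is zero and bounded by the allocation otherwise (snprintf instead of sprintf), and an array allocated with new[] is released with delete[], which std::unique_ptr<char[]> does automatically. The names FillResult, allocate_buffer, fill_buffer and zero_length_allocation_is_distinct are assumptions made for the example; the "convoluted algorithm" is stood in for by a capacity the caller passes in.

```cpp
#include <cstddef>
#include <cstdio>
#include <memory>
#include <string>

// Added example, not code from the thread. The names FillResult,
// allocate_buffer, fill_buffer and zero_length_allocation_is_distinct are
// hypothetical; the caller supplies the buffer length the real program computes.

// What a bounded write into a freshly allocated buffer produced.
struct FillResult {
    bool ok;               // false if the write was refused (capacity 0) or truncated
    std::size_t capacity;  // bytes actually allocated
    std::string text;      // NUL-terminated contents of the buffer afterwards
};

// Allocates n chars and owns them with unique_ptr<char[]>, whose deleter calls
// delete[] rather than delete (the mismatch Pep found in the real program).
std::unique_ptr<char[]> allocate_buffer(std::size_t n) {
    return std::unique_ptr<char[]>(new char[n]);
}

// new char[0] is legal: the request may still throw bad_alloc, but if it
// succeeds the result is a non-null pointer distinct from every other live
// pointer. It just cannot be dereferenced. This checks the distinctness that
// the thread's printed addresses (0x804a008 vs 0x804a018) illustrate.
bool zero_length_allocation_is_distinct() {
    std::unique_ptr<char[]> a = allocate_buffer(0);
    std::unique_ptr<char[]> b = allocate_buffer(0);
    return a != nullptr && b != nullptr && a.get() != b.get();
}

// The hardened form of the thread's sprintf(ptr0, ...): refuse a zero-sized
// buffer up front, then bound the write by the allocation with snprintf so a
// message that is too long is truncated instead of overflowing the heap.
FillResult fill_buffer(std::size_t capacity, const char* message) {
    FillResult r{false, capacity, std::string()};
    if (capacity == 0) {
        return r;  // guard: nothing may be written through a new char[0] pointer
    }
    std::unique_ptr<char[]> buf = allocate_buffer(capacity);
    int needed = std::snprintf(buf.get(), capacity, "%s", message);
    if (needed < 0) {
        return r;  // encoding error; buffer contents are unspecified
    }
    r.text = buf.get();                                   // NUL-terminated by snprintf
    r.ok = static_cast<std::size_t>(needed) < capacity;   // false means truncated
    return r;
}

int main() {
    // Same two sizes as the thread's test program, plus one buffer that is too small.
    std::printf("zero-length allocations distinct: %d\n",
                zero_length_allocation_is_distinct());
    const std::size_t caps[] = {0, 5, 100};
    for (std::size_t cap : caps) {
        FillResult r = fill_buffer(cap, "this is ptr100");
        std::printf("capacity %zu ok=%d text=\"%s\"\n",
                    r.capacity, r.ok, r.text.c_str());
    }
    return 0;
}
```

With capacity 0 the write is refused before any pointer is dereferenced; with capacity 5 the message is cut to "this" and ok is false, which is the signal the caller should act on rather than silently accepting a truncated string; with capacity 100 the full message fits. Either way the arrays are freed with delete[] when the unique_ptr goes out of scope, so the leak and the delete/delete[] mismatch from the thread cannot recur.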