Admittedly, what I was trying to do was at best educated guesswork.

I have an array of strings, and I was trying to account for if someone entered a string that was too large, or the array received too much input (it needs to be dynamic for what I'm trying to do).

Here's the section of code that's breaking:

if (strlen(token) > wordlength)
{
  wordlength *= 2;
  for(int j = 0; j < numwords; j++)
  {
    char* tmpw = realloc(wordarray[j], wordlength);
    assert(tmpw != NULL);
    wordarray[j] = tmpw;
    printf("increased size of words to %zu \n", wordlength);
  }

}

Explanations:

Token is the next word being taken in (I'm parsing a string), so I compare it to the current word length; if it's too big, I double word length and try to adjust the array accordingly.

If you need any more information, let me know.

Initialization of wordarray:

wordarray = malloc(numwords);
for(int i = 0; i < numwords; i++)
  wordarray[i] = malloc(wordlength);

Another place where realloc crashes:

if (arraycounter > numwords)
{
  numwords *= 2;
  char** tmp = realloc(wordarray, numwords);
  assert(tmp != NULL);
  wordarray = tmp;
  for(int h = arraycounter; h < numwords; h++)
    wordarray[h] = malloc(wordlength);
  printf("increased size of wordarray to %zu \n", numwords);
}

In this situation, it would attempt to increase the size of the array if it was about to go over the initial set limit, so would not be affected due to token running out of memory (tested with 20 small words and it crashed on its attempt to resize).

noneabove
  • How do you initialize `wordarray`? – Graham Borland Mar 11 '14 at 22:11
  • @GrahamBorland added to main question (since I can format it there) – noneabove Mar 11 '14 at 22:18
  • And are you sure `token` is big enough? Feels like a buffer overrun somewhere. – Graham Borland Mar 11 '14 at 22:27
  • @GrahamBorland token itself is fine and able to output the current token right before it crashes, it's crashing on the part where I realloc, I assume likely because I'm doing the realloc incorrectly – noneabove Mar 11 '14 at 22:32
  • No, the `realloc` looks fine. Something else is causing a corruption. How do you know `token` is fine? How are you allocating it, and how long is the string it contains just before you see the failure? – Graham Borland Mar 11 '14 at 22:33
  • Make sure you have allocated an extra byte for the null character, or you will get a buffer overflow – Joseph Mar 11 '14 at 22:37
  • @GrahamBorland interesting.. I assume token is fine because in the error I get this: (note token is just meant to be greater than 40 characters, in order to force a reallocate) token = lasdhflajsdhflkaushdlfkajsdhflkajsdhlfkjashdlfkajshdlkfjahsdlkfjashd *** glibc detected *** ./userinput: realloc(): invalid next size: 0x00007f612c000920 *** – noneabove Mar 11 '14 at 22:38
  • How are you allocating `token`? Just because it happens to print OK doesn't mean it's not trashing memory somewhere. – Graham Borland Mar 11 '14 at 22:40
  • @GrahamBorland I had never allocated token explicitly, so just now I made sure it had 80 (double what each word is allowed before needing to bump in size) and it still crashes. I'm going to add another section to the original post in a minute, it crashes on another realloc too (I assumed for the same reason so didn't include it) – noneabove Mar 11 '14 at 22:44
  • Well the random string you had in `token` is 69 characters long, so if you only had 40 reserved, no wonder it was causing problems. We'll need to see more code if it's still failing with token at 80 chars. – Graham Borland Mar 11 '14 at 22:47
  • `*Sigh*` when will glibc fix this message to say something like "glibc detected at the time of realloc that your program overflowed a buffer or otherwise corrupted the heap"? This "invalid old size" message is cryptic and a source of endless duplicate questions... – R.. GitHub STOP HELPING ICE Mar 11 '14 at 23:13

1 Answer

You need

wordarray = malloc(numwords * sizeof *wordarray);

Also, what do you want to happen when your program is compiled without assert and run on a system with low memory? I mean, the use of assert() is probably wrong.

pmg