This example can be compiled and works as expected.
1 #include <stdlib.h>
2 #include <stdio.h>
3 #include <string.h>
4
5 char * getstr() {
6 return strdup("Hello");
7 }
8
9 void *memcpy2(void *dest, const void *src, size_t len)
10 {
11 char * d = dest;
12 const char * s = src;
13
14 for (size_t i = 0; i < len; i++) {
15 d[i] = s[i];
16 }
17 return dest;
18 }
19
20 int main()
21 {
22 char buf[256];
23 char *str = getstr();
24
25 memset(buf, 0, 256);
26 memcpy2(buf, str, 255);
27
28 printf("%s\n", buf);
29
30 free(str);
31 return 0;
32 }
I reimplemented memcpy to have complete control over the test, making it independent from the underlying libc. As you can see, valgrind complains with this warning:
$ valgrind ./a.out
==9479== Memcheck, a memory error detector
==9479== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==9479== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==9479== Command: ./a.out
==9479==
==9479== Invalid read of size 1
==9479== at 0x4006B6: memcpy2 (k.c:15)
==9479== by 0x400731: main (k.c:26)
==9479== Address 0x5203046 is 0 bytes after a block of size 6 alloc'd
==9479== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9479== by 0x4EC48D9: strdup (strdup.c:42)
==9479== by 0x400673: getstr (k.c:6)
==9479== by 0x4006F3: main (k.c:23)
==9479==
Hello
==9479==
==9479== HEAP SUMMARY:
==9479== in use at exit: 0 bytes in 0 blocks
==9479== total heap usage: 2 allocs, 2 frees, 1,030 bytes allocated
==9479==
==9479== All heap blocks were freed -- no leaks are possible
==9479==
==9479== For counts of detected and suppressed errors, rerun with: -v
I don't understand why this "invalid read of size 1" message appears. It makes no sense to me at all. Can some of you explain what is wrong with this code? Thank you in advance!