-2

While trying to recover jpgs from a raw file in week4 of CS50 course , I got this seg fault error which I can't understand why or how it is caused, all I can tell is that according to valgrind line 110 causes this issue

I am fairly new to c language

int main(int argc, char *argv[])
{
    // check if one command arg is passed
    if (argc > 2 )
    {
        printf("Usage: ./recover image\n");
        return 1;
    }

    // try to open file to read from
    FILE *file = fopen(argv[1], "r");
    if (!file)
    {

        return 1;
    }


    BYTE bytes[512];
    int x =0 ;
    char num[10];


    FILE* output =NULL;

    while (fread(&bytes, 512, 1, file) == 1)
    {
        // first step create file name 
        sprintf(num, "%03i.jpg",x);

        // check for start of jpg file 
        if (bytes[0]==0xff && bytes[1] ==0xd8 && bytes[2]== 0xff && (bytes[3] & 0xf0) == 0xe0 )
        {   
            printf("Found file {%i}", x);
            output = fopen(num , "w");
            fwrite(&bytes ,512 ,1 ,output);
            x++;
        }
        else
        {
            fwrite(&bytes , 512 , 1 , output);
        }
    }
    return 0;
}

output of valgrind

==12934== Invalid read of size 4
==12934==    at 0x4A1C521: fwrite (iofwrite.c:37)
==12934==    by 0x4014CA: main (recover.c:110)
==12934==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==12934== 
==12934== 
==12934== Process terminating with default action of signal 11 (SIGSEGV)
==12934==  Access not within mapped region at address 0x0
==12934==    at 0x4A1C521: fwrite (iofwrite.c:37)
==12934==    by 0x4014CA: main (recover.c:110)
==12934==  If you believe this happened as a result of a stack
==12934==  overflow in your program's main thread (unlikely but
==12934==  possible), you can try to increase the size of the
==12934==  main thread stack using the --main-stacksize= flag.
==12934==  The main thread stack size used in this run was 8388608.
==12934== 
==12934== HEAP SUMMARY:
==12934==     in use at exit: 472 bytes in 1 blocks
==12934==   total heap usage: 2 allocs, 1 frees, 4,568 bytes allocated
==12934== 
==12934== LEAK SUMMARY:
==12934==    definitely lost: 0 bytes in 0 blocks
==12934==    indirectly lost: 0 bytes in 0 blocks
==12934==      possibly lost: 0 bytes in 0 blocks
==12934==    still reachable: 472 bytes in 1 blocks
==12934==         suppressed: 0 bytes in 0 blocks
==12934== Rerun with --leak-check=full to see details of leaked memory
==12934== 
==12934== For lists of detected and suppressed errors, rerun with: -s
==12934== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)
zsh: segmentation fault  valgrind ./recover card.raw
Jonathan Leffler
  • 730,956
  • 141
  • 904
  • 1,278
m3sfit
  • 65
  • 6
  • can you explain [this](https://medium.com/@austintackaberry) – m3sfit Aug 12 '21 at 09:36
  • @G.M. I thought about that too, but this can't be that. Note that `bytes` decays to `BYTE*` and `&bytes` becomes `*(BYTE[512])` and this is converted to `void*` always to same address so issue must be something else. – Marek R Aug 12 '21 at 09:36
  • I would try run this with address sanitizer to get better error description. Something like: `gcc -O2 -g -fsanitize=address,undefined main.c -o test && ./test` valgrind here is not very helpful. – Marek R Aug 12 '21 at 09:39
  • 1
    Real question should be: Was this line `output = fopen(num , "w");` successful? Also note `else` statement it can try write to file which was not opened. – Marek R Aug 12 '21 at 09:42
  • 2
    Slice code into smaller chunks. Note you are leaking file descriptors too. – Marek R Aug 12 '21 at 09:56

2 Answers2

1

take this one

int main(int argc, char *argv[])
{
    // check if one command arg is passed
    if (argc > 2 )
    {
        printf("Usage: ./recover image\n");
        return 1;
    }

    // try to open file to read from
    FILE *file = fopen(argv[1], "r");
    if (!file)
    {

        return 1;
    }


    BYTE bytes[512];
    int x =0 ;
    char num[10];


    FILE* output =NULL;

    while (fread(bytes, 512, 1, file) == 1)
    { 
        // check for file start 
        if (bytes[0]==0xff && bytes[1] ==0xd8 && bytes[2]== 0xff && (bytes[3] & 0xf0) == 0xe0 )
        {   
            if (output)
            {
                fclose(output);
            }
            // create file name
            sprintf(num, "%03i.jpg",x);
            printf("Found file {%i}\n", x);
            output = fopen(num , "w");
            fwrite(&bytes ,512 ,1 ,output);
            x++;
        }
        else if (output)
        {
            fwrite(bytes , 512 , 1 , output);
        }
    }  
    if(output)
    {
        fclose(output);
    }
    return 0;
}

notice the use of fclose(output); to close file descriptors, as noted by Marek R

Weed Cookie
  • 579
  • 1
  • 3
  • 11
0

changing

else
        {
            fwrite(&bytes , 512 , 1 , output);
        }

to

else if (output)
        {
            fwrite(&bytes , 512 , 1 , output);
        }

generates the pictures thanks to Marek R for mentioning the if file is opened comment

m3sfit
  • 65
  • 6