c. Handling of arrays that do not define the number of elements in a language

Asked 3 months ago, Updated 3 months ago, 7 views

As stated in the title, in the c language, there was a question about an array that did not specify the number of elements when declaring the array, so I asked you a question.
For example, in the following example,

#include<stdio.h>
# include <string.h>

int main() {
  char text1[] = "I like you.";
  char*text2 = "###";

  printf("number of elements of text1==%lu\n", sizeof(text1)/sizeof(text1[0])));
  strcat(text1, text2);
  printf("contained text1==%s\n", text1);
  return 0;
}

So, the result is

number of elements of text1==12
concatenated text1 == I like you.###

That's it.
You can see from the first line of the above result that the number of elements in text1 is 12 char types for the initial value + '\0'. However, even though strcat() contains more than 11 characters in text1, the result was output without any errors.

Why is this?If you try to store it in an array that exceeds the defined number of elements,

*** stack smashing detected***:

I thought you might get an error like...

If anyone knows anything, please let me know.

c

2022-09-30 13:55

3 Answers

For Microsoft Visual C++, /RTC (Runtime Error Check) is available.If this feature is enabled,

Run-Time Check Failure #2 - Stack around the variable'text1' was corrupted.

A runtime error is detected.
Also, strcat has a security flaw such as the question, so strcat_s is recommended.strcat_s is pre-recorded.The receives the buffer size to write to so that it can detect buffer overflows before writing.


2022-09-30 13:55

I don't know the environment, but if it's old C, the specification is not to check the stack size.
If I'm lucky, I'll just move.
If you are unlucky, you will destroy the area next to you. I don't know if stack over flow is the case, but it's a bad behavior.(Environmental Dependency)
A long time ago, I was lucky enough to move when there was a large unused array next to me.


2022-09-30 13:55

This is the result of strcat bulldozing the adjacent memory area of text1 like a bulldozer.
The code below identifies the adjacent memory space for text1.

#include<stdio.h>
# include <string.h>

int main() {
    char text1[] = "I like you.";
    char*text2 = "###";

    printf("before text1\n");
    for(const char*p=text1;*p;++p){
        printf("[%c]=%p\n", *p, p);
    }
    printf("[\\0]=%p\n", text1+strlen(text1));
    printf("[?]=%p\n", text1+strlen(text1)+1);
    printf("[?]=%p\n", text1+strlen(text1)+2);
    puts("");

    strcat(text1, text2);

    printf("after text1\n");
    for(const char*p=text1;*p;++p){
        printf("[%c]=%p\n", *p, p);
    }

    return 0;
}

Results.

before text1
[I] = 0x7ffffc49fe470
[ ] = 0x7ffffc49fe471
[l] = 0x7ffffc49fe472
[i] = 0x7ffffc49fe473
[k] = 0x7ffffc49fe474
[e] = 0x7ffffc49fe475
[ ] = 0x7ffffc49fe476
[y] = 0x7ffffc49fe477
[o] = 0x7ffffc49fe478
[u] = 0x7ffffc49fe479
[.] = 0x7ffffc49fe47a
[\0] = 0x7ffffc49fe47b
[?] = 0x7ffffc49fe47c
[?] = 0x7ffffc49fe47d

after text1
[I] = 0x7ffffc49fe470
[ ] = 0x7ffffc49fe471
[l] = 0x7ffffc49fe472
[i] = 0x7ffffc49fe473
[k] = 0x7ffffc49fe474
[e] = 0x7ffffc49fe475
[ ] = 0x7ffffc49fe476
[y] = 0x7ffffc49fe477
[o] = 0x7ffffc49fe478
[u] = 0x7ffffc49fe479
[.] = 0x7ffffc49fe47a
[#] = 0x7ffffc49fe47b
[#] = 0x7ffffc49fe47c
[#] = 0x7ffffc49fe47d

The [?] part is the memory area adjacent to text1. strcat cannot specify the size of the array, so it destroys the memory in this way and proceeds.
Note that there are many functions of this specification in C's standard library.


2022-09-30 13:55

If you have any answers or tips


© 2023 OneMinuteCode. All rights reserved.