Char and strcpy in C
I came across a part of question in which, I am getting an output, but I need a explanation why it is true and does work?
char arr[4];
strcpy(arr,\"This is a li
-
Your code has some memory issues (buffer overrun) . The function
strcpycopies bytes until the null character. The functionprintfprints until the null character.讨论(0) -
The short answer why it worked (that time) is -- you got lucky. Writing beyond the end of an array is undefined behavior. Where undefined behavior is just that, undefined, it could just a easily cause a segmentation fault as it did produce output. (though generally, stack corruption is the result)
When handling character arrays in C, you are responsible to insure you have allocated sufficient storage. When you intend to use the array as a character string, you also must allocate sufficient storage for each character
+1for the nul-terminating character at the end (which is the very definition of a nul-terminated string in C).Why did it work? Generally, when you request say
char arr[4];the compiler is only guaranteeing that you have 4-bytes allocated forarr. However, depending on the compiler, the alignment, etc. the compiler may actually allocate whatever it uses as a minimum allocation unit toarr. Meaning that while you have only requested4-bytesand are only guaranteed to have4-usable-bytes, the compiler may have actually set aside8, 16, 32, 64, or 128, etc-bytes.Or, again, you were just lucky that
arrwas the last allocation requested and nothing yet has requested or written to the memory address starting atbyte-5followingarrin memory.The point being, you requested
4-bytesand are only guaranteed to have4-bytesavailable. Yes it may work in that oneprintfbefore anything else takes place in your code, but your code is wholly unreliable and you are playing Russian-Roulette with stack corruption (if it has not already taken place).In C, the responsibility falls to you to insure your code, storage and memory use is all well-defined and that you do not wander off into the realm of undefined, because if you do, all bets are off, and your code isn't worth the bytes it is stored in.
How could you make your code well-defined? Appropriately limit and validate each required step in your code. For your snippet, you could use
strncpyinstead ofstrcpyand then affirmatively nul-terminatearrbefore callingprintf, e.g.char arr[4] = ""; /* initialize all values */ strncpy(arr,"This is a link", sizeof arr); /* limit copy to bytes available */ arr[sizeof arr - 1] = 0; /* affirmatively nul-terminate */ printf ("%s\n",arr);Now, you can rely on the contents of
arrthroughout the remainder of your code.讨论(0) -
There is no guarantee on the behavior of this piece of code. It's just like: you told me "I'll pick you up at 5:00 p.m." and when you came I would be there(guarantee). But I can't guarantee whether I had grabbed you a cup of coffee or not, because you didn't told me you want one. Maybe I'm very nice and bought two cups of coffee, or maybe I'm a cheapskate and just bought one for myself.
讨论(0) -
It may work. It may not. It may fail immediately and obviously. It may fail at some arbitrary future time and in subtle ways that will drive you insane.
That is the often-insidious nature of undefined behaviour. Don't do it.
If it works at all, it's totally by accident and in no way guaranteed. It's possible that you're overwriting stuff on the stack or in other memory (depending on the implementation and how/where the actual variable
stris defined(a)) but that the memory being overwritten is not used after that point (given the simple nature of the code).That possibility of it working accidentally in no way makes it a good idea.
For the language lawyers among us, section
J.2(instances of undefined behaviour) ofC11clearly states:An array subscript is out of range, even if an object is apparently accessible with the given subscript (as in the lvalue expression
a[1][7]given the declarationint a[4][5]).That informative section references
6.5.6, which is normative, and which states when discussing pointer/integer addition (of whicha[b]is an example):If both the pointer operand and the result point to elements of the same array object, or one past the last element of the array object, the evaluation shall not produce an overflow; otherwise, the behavior is undefined. If the result points one past the last element of the array object, it shall not be used as the operand of a unary * operator that is evaluated.
(a) For example, on my system, declaring the variable inside
maincauses the program to crash because the buffer overflow trashes the return address on the stack.However, if I put the declaration at file level (outside of
main), it seems to run just fine, printing the message then exiting the program.But I assure you that's only because the memory you've trashed is not important for the continuation of the program in this case. It will almost certainly be important in anything more substantial than this example.
讨论(0) -
your code will always work as long as the printf is placed just after strcpy. But it is wrong coding Try following and it won't work
int j; char arr[4]; int i; strcpy(arr,"This is a link"); i=0; j=0; printf("%s",arr);To understand why it is so you must understand the idea of stack. All local variables are allocated on stack. Hence in your code, program control has allocated 4 bytes for "arr" and when you copy a string which is larger than 4 bytes then you are overwriting/corrupting some other memory. But as you accessed "arr" just after strcpy hence the area you have overwritten which may belong to some other variables still not updated by program that's why your printf works fine. But as I suggested in example code where other variables are updated which fall into the memory region you have overwritten, you won't get correct (? or more appropriate is desired) output Your code is working also because stack grows downwards if it would have been other way then also you had not get desired output讨论(0)
加载中...
- 热议问题