1

Topic: Why at an output from function?

In what here a bug?

static int my_addstr (HANDLE *hwnd) {
const char* a = lib_get_string (hwnd, 0);
const char* b = lib_get_string (hwnd, 1);
char *str = malloc (strlen (a) + strlen (b));
strcpy (str, a);
strcat (str, b);
lib_push_string (hwnd, str);
free (str);
return 1;
}

Error

wrote:

---------------------------
Microsoft Visual C ++ Runtime Library
---------------------------
Debug Error!
HEAP CORRUPTION DETECTED: after Normal block (#62) at 0x0000024B639396F0.
CRT detected that the application wrote to memory after end of heap buffer.
(Press Retry to debug the application)
---------------------------
To interrupt Repetition to Pass
---------------------------

2

Re: Why at an output from function?

Under a line end forgot a place to select

char *str = malloc (strlen (a) + strlen (b)>>> + 1 <<<);

3

Re: Why at an output from function?

Looked at a compiler broad gull, at the assembly it produces here it:

wrote:

warning C4996: ' strcpy ': This function or variable may be unsafe. Consider using strcpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
warning C4996: ' strcat ': This function or variable may be unsafe. Consider using strcat_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.

Problem in these functions?

4

Re: Why at an output from function?

Dima T wrote:

Under a line end forgot a place to select

char *str = malloc (strlen (a) + strlen (b)>>> + 1 <<<);

Really! Now works as it is necessary)

5

Re: Why at an output from function?

Eolt wrote:

Looked at a compiler broad gull, at the assembly it produces here it:
it is passed...
Problem in these functions?

No, in them TOO the PROBLEM, but another, and you for the present did not face it.

6

Re: Why at an output from function?

static int my_addstr (HANDLE *hwnd) {
...
lib_push_string (hwnd, str);
free (str);
return 1;
}

Still there can be a problem (another already) here, in lib_push_string is transferred a line, and then this line
It is destroyed.
If lib_push_string this line only copies to itself, and forgets, all ;
it save the link to this line there will be problems.

7

Re: Why at an output from function?

MasterZiv;
How I understand, type char and functions strcpy and strcat to use not safely?
It is necessary to transform a line in any vector <string> and to work already with it?

8

Re: Why at an output from function?

Eolt wrote:

As I understand, type char and functions strcpy and strcat to use not safely?

it is such specificity from , to declare standard functions from CRTL . It is necessary that it was impossible to write the transferable code, I so ))

9

Re: Why at an output from function?

10

Re: Why at an output from function?

Eolt wrote:

MasterZiv;
How I understand, type char and functions strcpy and strcat to use not safely?
It is necessary to transform a line in any vector <string> and to work already with it?

No, you misunderstand.
These are problems of standard library of language With, to With ++ they do not concern at all.
Problems in that strcpy and strcat and some other functions CRTL basically cannot supervise storage buffer overflow where they write - at them are not present an appropriate input parameter, the size of the buffer.
To overcome these problems, in the modern versions CRTL include the new functions similar to destination old, but with additional parameters, allowing to supervise the size of the output buffer.
It concerns even family functions sprintf , and some other.
Also in a similar way solve problems with  some functions CRT of type strtok .

11

Re: Why at an output from function?

12

Re: Why at an output from function?

MasterZiv wrote:

I by the way then will check up, whether coincide MS extensions with POSIX.

look, please, at it interesting, for the general development.

MasterZiv wrote:

in the modern versions CRTL include the new functions similar to destination old, but with additional parameters, allowing to supervise the size of the output buffer

I only not absolutely I understand, how this input parameter increases code safety? If I specified in it wrong value it is perfect as storage, as well as in functions without this parameter will spoil. It there itself cannot supervise anything, easier level of fulfillment of an error advance slightly forward.
It is an incapable of solution problem in With and that from it to get rid, it is necessary to use With ++ and appropriate classes of operation with lines.

13

Re: Why at an output from function?

egorych wrote:

it is passed...
Look, please, at it interesting, for the general development.

For example vsnprintf () like as the C ++ 11 and at its MSEC is not present, but is vsprintf_s ()
fopen () according to MS dangerous, therefore in  it is recommended to use fopen_s ()
at the MSEC as usual all not as at all.

14

Re: Why at an output from function?

egorych wrote:

I only not absolutely understand, how this input parameter increases code safety? If I specified in it wrong value it is perfect as storage, as well as in functions without this parameter will spoil. It there itself cannot supervise anything, easier level of fulfillment of an error advance slightly forward.

The size of the buffer is intended for protection against deliberate attacks of users on buffer overflow, instead of for error protection of the programmer.
And it perfectly fulfills this function.

15

Re: Why at an output from function?

16

Re: Why at an output from function?

Anatoly Moskovsky wrote:

the Size of the buffer is intended for protection against deliberate attacks of users on buffer overflow, instead of for error protection of the programmer.
And it perfectly fulfills this function.

understood, thanks

17

Re: Why at an output from function?

18

Re: Why at an output from function?

MasterZiv wrote:

it is passed...
This abnormal decision for With,

Well here for example library GLib is written on a pure C.

//https://developer.gnome.org/glib/stable/glib-String-Utility-Functions.html#g-strdup-printf wrote:

g_strdup_printf ()

gchar *
g_strdup_printf (const gchar *format;
...);

Similar to the standard A C sprintf () function but safer, since it calculates the maximum space required and allocates memory to hold the result. The returned string should be freed with g_free () when no longer needed.
...
Returns
a newly-allocated string holding the result

MasterZiv wrote:

and generally because not always storage selection generally is possible.
Imagine architecture where malloc always returns 0...

So it most likely any embedded platforms, normal programs there not .

19

Re: Why at an output from function?

Peter Sedov;
Who knows that where ?
You offer there also CRT always ?

20

Re: Why at an output from function?

21

Re: Why at an output from function?

Siemargl wrote:

It long and not always is necessary.

And it is not absolutely clear, from what pool to select

22

Re: Why at an output from function?

MasterZiv wrote:

who knows that where ?

I know that serious programs everywhere use storage runtime allocation, therefore  them on embedded platforms without will be heap nobody.

MasterZiv wrote:

you offer there also CRT always ?

I suggest to forget functions strcpy/strcat. And them  the analogs, which Visual Cs ++ tries to palm off on the programmer, even it is not necessary to consider.

Siemargl wrote:

it is passed...
It long and not always is necessary.

well and how then to do a string concatenation if it is worked with lines in C-shnom style? About it there was a speech in the first message. To spread on all code calls of functions strcpy/strcat? Such method is not pleasant to me:

strcpy (buf, "aaa");
strcat (buf, "bbb");//transverses "aaa", writes "bbb"
strcat (buf, "ccc");//transverses "aaabbb", writes "ccc"
strcat (buf, "ddd");//transverses "aaabbbccc", writes "ddd"
strcat (buf, "eee");//transverses "aaabbbcccddd", writes "eee"
strcat (buf, "fff");//transverses "aaabbbcccdddeee", writes "fff"
strcat (buf, "ggg");//transverses "aaabbbcccdddeeefff", writes "ggg"
...
wrote:

it is passed...
And it is not absolutely clear, from what pool to select

If  for speed of operation of the program at everyone thread should be personal heap for temporal units of storage with short lifetime. If not  it is possible to use simply heap process (malloc/free, global new/delete).

23

Re: Why at an output from function?

Peter Sedov;
It is not pleasant to you, what strcat "transverses"?
So and if to compare to the code malloc and to consider time for context switching / a system call of selection of storage?
Who does not want  for the speed - writes in languages with GC.

24

Re: Why at an output from function?

Sedov wrote:

it is passed...
I know that serious programs everywhere use storage runtime allocation, therefore  them on embedded platforms without will be heap nobody.

Very strange determination "serious programs".
Give briefly: you are wrong.

25

Re: Why at an output from function?

Yes dispute on what. Comparing of crocodiles and stops.
Functions with the size of the buffer are intended for protection of ready programs from .
And functions which select the necessary buffer - for simplification of operation of the programmer.
These are absolutely orthogonal two directions and completely not mutually exclusive.