glibc 检测到 ./.a.out: free(): 无效指针

发布于 2024-10-18 15:45:35 字数 2719 浏览 3 评论 0原文

typedef struct _PERSON
{
        size_t age;
        unsigned char* name;
}PERSON;

int init(PERSON** person)
{
        (* person) = (PERSON *) malloc(sizeof(struct _PERSON));
        (* person)->age = 1;
        (* person)->name = (unsigned char *) malloc(sizeof(4));
        (* person)->name = "NAME";

        return 0;
}

void close(PERSON** person)
{
        (* person)->age = 0;
        if((* person)->name != NULL)
        {
                free((* person)->name);
        }

        if((* person) != NULL)
        {
                free((* person));
        }
}

int main(int argc, char* argv[])
{
        PERSON* p;

        init(&p);

        printf("%d\t%s\n", (int) p->age, p->name);

        close(&p);

        return 0;
}


1       NAME
*** glibc detected *** ./a.out: free(): invalid pointer: 0x000000000040079c ***
======= Backtrace: =========
/lib/libc.so.6(+0x774b6)[0x7fa9027054b6]
/lib/libc.so.6(cfree+0x73)[0x7fa90270bc83]
./a.out(close+0x3d)[0x400651]
./a.out[0x40069f]
/lib/libc.so.6(__libc_start_main+0xfe)[0x7fa9026acd8e]
./a.out[0x4004f9]

...

7fa8fc000000-7fa8fc021000 rw-p 00000000 00:00 0
7fa8fc021000-7fa900000000 ---p 00000000 00:00 0
7fa902478000-7fa90248d000 r-xp 00000000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90248d000-7fa90268c000 ---p 00015000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90268c000-7fa90268d000 r--p 00014000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90268d000-7fa90268e000 rw-p 00015000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90268e000-7fa902808000 r-xp 00000000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902808000-7fa902a07000 ---p 0017a000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902a07000-7fa902a0b000 r--p 00179000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902a0b000-7fa902a0c000 rw-p 0017d000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902a0c000-7fa902a11000 rw-p 00000000 00:00 0
7fa902a11000-7fa902a31000 r-xp 00000000 08:12 23068966                   /lib/ld-2.12.1.so
7fa902c25000-7fa902c28000 rw-p 00000000 00:00 0
7fa902c2e000-7fa902c31000 rw-p 00000000 00:00 0
7fa902c31000-7fa902c32000 r--p 00020000 08:12 23068966                   /lib/ld-2.12.1.so
7fa902c32000-7fa902c33000 rw-p 00021000 08:12 23068966                   /lib/ld-2.12.1.so
7fa902c33000-7fa902c34000 rw-p 00000000 00:00 0
7fff442d5000-7fff442f6000 rw-p 00000000 00:00 0                          [stack]
7fff44308000-7fff44309000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
Aborted
typedef struct _PERSON
{
        size_t age;
        unsigned char* name;
}PERSON;

int init(PERSON** person)
{
        (* person) = (PERSON *) malloc(sizeof(struct _PERSON));
        (* person)->age = 1;
        (* person)->name = (unsigned char *) malloc(sizeof(4));
        (* person)->name = "NAME";

        return 0;
}

void close(PERSON** person)
{
        (* person)->age = 0;
        if((* person)->name != NULL)
        {
                free((* person)->name);
        }

        if((* person) != NULL)
        {
                free((* person));
        }
}

int main(int argc, char* argv[])
{
        PERSON* p;

        init(&p);

        printf("%d\t%s\n", (int) p->age, p->name);

        close(&p);

        return 0;
}

1       NAME
*** glibc detected *** ./a.out: free(): invalid pointer: 0x000000000040079c ***
======= Backtrace: =========
/lib/libc.so.6(+0x774b6)[0x7fa9027054b6]
/lib/libc.so.6(cfree+0x73)[0x7fa90270bc83]
./a.out(close+0x3d)[0x400651]
./a.out[0x40069f]
/lib/libc.so.6(__libc_start_main+0xfe)[0x7fa9026acd8e]
./a.out[0x4004f9]

...

7fa8fc000000-7fa8fc021000 rw-p 00000000 00:00 0
7fa8fc021000-7fa900000000 ---p 00000000 00:00 0
7fa902478000-7fa90248d000 r-xp 00000000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90248d000-7fa90268c000 ---p 00015000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90268c000-7fa90268d000 r--p 00014000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90268d000-7fa90268e000 rw-p 00015000 08:12 23068732                   /lib/libgcc_s.so.1
7fa90268e000-7fa902808000 r-xp 00000000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902808000-7fa902a07000 ---p 0017a000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902a07000-7fa902a0b000 r--p 00179000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902a0b000-7fa902a0c000 rw-p 0017d000 08:12 23068970                   /lib/libc-2.12.1.so
7fa902a0c000-7fa902a11000 rw-p 00000000 00:00 0
7fa902a11000-7fa902a31000 r-xp 00000000 08:12 23068966                   /lib/ld-2.12.1.so
7fa902c25000-7fa902c28000 rw-p 00000000 00:00 0
7fa902c2e000-7fa902c31000 rw-p 00000000 00:00 0
7fa902c31000-7fa902c32000 r--p 00020000 08:12 23068966                   /lib/ld-2.12.1.so
7fa902c32000-7fa902c33000 rw-p 00021000 08:12 23068966                   /lib/ld-2.12.1.so
7fa902c33000-7fa902c34000 rw-p 00000000 00:00 0
7fff442d5000-7fff442f6000 rw-p 00000000 00:00 0                          [stack]
7fff44308000-7fff44309000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
Aborted

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

我是男神闪亮亮 2024-10-25 15:45:35

(* person)->name = (unsigned char ) malloc(sizeof(4)); (* person)->name = "NAME"

在这里您请求内存,然后丢失指向该内存的指针。 (您将其指向未由 malloc 分配的“NAME”。)这就是为什么当您尝试释放指针时会出现错误。

(* person)->name = (unsigned char ) malloc(sizeof(4)); (* person)->name = "NAME"

Here you request the memory and then lose the pointer to that memory. (You point it to "NAME" which wasn't allocated by malloc.) That's why when you try to free the pointer you get an error.

别忘他 2024-10-25 15:45:35

问题出在这个语句 ( *person)->name = "NAME"; 中。这不会将字符串“NAME”复制到变量name。相反,它使 name 指向另一个内存位置(而不是您分配的 malloc)。如果您尝试释放此内存,您将得到未定义的行为。您需要使用strcpy(或strncpy)将字符串复制到变量name中。目前您正在执行 malloc(sizeof(4)),这是不正确的。请记住,您需要为字符串分配字符数 + 1 个字符来容纳末尾的 NULL 字符,目前您只分配了 4 个字符,这还不够,您需要为 5 个字符分配内存。所以你需要执行malloc(sizeof(char)*5)

The problem is in this statement ( *person)->name = "NAME";. This does not copy the string "NAME" to variable name. Instead it makes name point to to another memory location(not the one malloc by you). If you try to free this memory you will get undefined behavior. You need to use strcpy (or strncpy) to copy the string into variable name. Currently you are doing malloc(sizeof(4)), which is not correct. Remember that you need to allocate no.of characters + 1 characters for strings to accomodate the NULL character at the end, currently you have allocated only 4 chars which is not sufficient, you need to allocate memory for 5 chars. So you need to do malloc(sizeof(char)*5).

热鲨 2024-10-25 15:45:35

另请看一下 calloc:
calloc

允许您分配指定大小的 n 个成员。也许这有助于思考问题。

Also take a look at calloc:
calloc

Allows you to allocate n members of a stated size. Perhaps it helps thinking about the problem.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文