写比 malloced 更多的字符.为什么它不会失败? [英] Writing more characters than malloced. Why does it not fail?
问题描述
为什么以下工作不会引发某种分段错误?
Why does the following work and not throw some kind of segmentation fault?
char *path = "/usr/bin/";
char *random = "012";
// path + random +
// so its malloc(13), but I get 16 bytes due to memory alignment (im on 32bit)
newPath = (char *) malloc(strlen(path) + strlen(random) + 1);
strcat(newPath, path);
strcat(newPath, "random");
// newPath is now: "/usr/bin/012 " which makes 13 characters.
但是,如果我添加
strcat(newPath, "RANDOMBUNNIES");
这个调用不应该失败,因为 strcat 使用的内存比分配的多吗?因此,不应该
shouldn't this call fail, because strcat uses more memory than allocated? Consequently, shouldn't
free(newPath)
也失败了,因为它试图释放 16 个字节,但我使用了 26 个字节(/usr/bin/012RANDOMBUNNIES ")?
also fail because it tries to free 16 bytes but I used 26 bytes ("/usr/bin/012RANDOMBUNNIES ")?
非常感谢您!
推荐答案
大多数情况下,这种溢出问题不会使您的程序在烟雾和烧焦的硫磺味中爆炸.更微妙的是:在溢出变量之后分配的变量将被更改,从而导致程序稍后出现无法解释且看似随机的行为.
Most often this kind of overrun problems doesn't make your program explode in a cloud of smoke and the smell of burnt sulphur. It's more subtle: the variable that is allocated after the overrun variable will be altered, causing unexplainable and seemingly random behavior of the program later on.
这篇关于写比 malloced 更多的字符.为什么它不会失败?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!