ProgrammingThis forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
That's not really the answer. The answer is that the assignment in question creates a string literal, which will cause a segfault when you try to overwrite it no matter how many bytes are involved. (String literals are stored in protected memory.)
I misexplained what was wrong in my remarks above, as I corrected.
Of course, you also get a segfault from 'free (dest);' after dest has been overwritten.
The result of a buffer overrun as mentioned would be "undefined behavior" ... it might work, crash, or segfault. I'm pretty sure the code didn't execute to that point, though.
When there's more than one thing wrong, it's sometimes hard to nail the pertinent one.
hai eerok,
your correct. thank you.
" (String literals are stored in protected memory.) " --> this i am able to understand ( your correct )
and is there any way to see this string in protected memory ? in elf. is there any tool for that.
but the core dump results shows strcpy raises segmentation fault. i am sure it is happening in this point. but my question is if you take the same concept program with array then you will not get segmentation problem then why it is for pointer? if your answer is "protected" means how can i make sure myself is there any way to make it conform using the linux tools? can you please help me to understand the problem.
is there any way to see this string in protected memory ? in elf. is there any tool for that.
but the core dump results shows strcpy raises segmentation fault. i am sure it is happening in this point. but my question is if you take the same concept program with array then you will not get segmentation problem then why it is for pointer? if your answer is "protected" means how can i make sure myself is there any way to make it conform using the linux tools? can you please help me to understand the problem.
Have you been using gdb to investigate this? I'm not an expert with this kind of thing, though I've used gdb occasionally. It's probably easier to research this less directly.
It's true that an array doesn't create the problem of the string literal; a string literal is defined in the standard as a preprocessing token, so it's processed before user data areas are initialized. The standard says string literals are used to "initialize an array of static storage duration and length just sufficient to contain the sequence." (n1124.pdf "6.4.5 String literals")
Perhaps it's faster to use string literals in the case where the contents don't need to be modified, or perhaps it's sometimes desirable to protect these strings for other reasons, but I admit that the larger questions here are beyond my technical competence
...the compiler makes a static string "hello world" in the object file. This is in a read-only data segment (called .data). The variable named c, of type pointer to a char, is set to be the address of the first character of the string in the .data segment.
If you try to modify the address of the static string in the data segment, you get a segfault because that page of memory is marked as read-only.
So, in answer to the question "why does this make a segfault?", see comments here:
Code:
dest=(char*) malloc(20); /* After this, dest points to newly allocated
memory from the heap (or NULL on failure) */
dest="data1"; /* oops, you've discarded the address of your
malloc'd memory, and instead set dest to
point at the static string "data1" in the
.data segment (readonly)! */
strcpy(dest,in); /* strcpy tries to write to the address of
"data1". Segfault! */
...
hai matthew,
thanks for your good explanation. i understand the concept thank you once again.
but can you tell me is there any tools in linux to trace these kind of problems other than gdb?
gdb is an excellent tool for this sort of work. If you don't like the text-mode interface, there are several GUI front-ends to gdb which might be more appealing, e.g. kdbg, insight and DDD (which is a really amazing tool for debugging and learning about data structures).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
