问
双重免费或损坏错误
手机用户2502938985 发布于 2023-02-12 20:03我一直收到这个错误:
*** glibc detected *** /s/httpget: double free or corruption (fasttop): 0x00000000005352a0 ***
我真的没有看到,我有两次免费.所以我猜它是因为腐败...我在附加的代码中做了一些评论,所以请看看那里,更好地理解问题.
Here backtrace:
#5 0x0000000000401077 in processXML (
start=0x506010 "\n\n\n
\n\n
这里的代码:
void processXML(char *start, char *stop, GTree* t)
{
if (start == NULL)return;
start = strstr(start,START);
char * cp = start ;
char * tmpP;
gpointer* key;
ticP tP;
size_t symlen=0;
while (cp < stop)
{
//here the first occurance of the var, which causes the problem
char * triP;
cp = (strchr( cp, '"'))+1;
tmpP = strchr( cp, '"');
if ( tmpP != NULL )
{
symlen = (tmpP - cp) ;
printf("mallocated %zu\n", symlen) ;
//EDIT
triP = malloc(symlen+1);
memcpy (triP, tmpP - (symlen) , symlen);
triP [symlen] = '\0';
printf(">>VAL %s<<\n", triP);
cp = strstr( cp, STARTP);
if (cp == NULL){ return;}
}
if (triP != NULL && (key = g_tree_lookup (t, triP))== NULL )
{
printf("I N S E R T E D \n");
tP = malloc(sizeof(tic));
g_tree_insert(t, triP, tP);
}
//here I try to free it but only if some bytes were allocated...
if (symlen >0)free (triP);
怎么了?
1 个回答
-
肯定是腐败,是的.这个:
triP = malloc(symlen); memcpy (triP, tmpP - (symlen) , symlen); triP [symlen] = '\0';
用最后一行闯入未分配的空间.如果分配
symlen字节,则有效索引从0到(并包括)symlen - 1,但索引symlen超出分配的空间1个字节.繁荣.像往常一样,要构建一个包含
n实际可见字符的字符串,您需要n + 1字符的空间值,以包含终止符.2023-02-12 20:07 回答
撰写答案
今天,你开发时遇到什么问题呢?
立即提问
京公网安备 11010802041100号