CHAR Array - stuffed with values - with more size than it holds

dhanamurthy · February 14, 2008, 10:04am

Hi All
I am simulating a problem in the production where i faced a situation.
Please find the following example program which i simulated.

#include<stdio.h>

#include<stdlib.h>

#include<string.h>

int main()

{

char str1[20];

char str2[20];

double t1=0.0;

double output_value=888.00;

double count=0.0;

memset(str1,0x00,20);

memset(str2,0x00,20);

char output_str[20];

char output_str1[20];

memset(output_str,0x00,20);

memset(output_str1,0x00,20);

for(int i=0;i<50;i++) (Purposely specifying as 50 and not 20 as per the variable)

        \{

        count=count\+1.0;

        sprintf\(output_str, "%12.2f", count\); \(When str1 is exhausted i.e after 20th byte it is taking the value from str2 mentioned below\)

strcat\(str1,output_str\);

        strcat\(str1, "  "\);

printf\("The string length of str1=%d\\n",strlen\(str1\)\);



if \(i != 0\)

                    output_value= 1 \+ output_value;

        sprintf\(output_str1, "%12.2f", output_value\);

 strcat\(str2, output_str1\);

strcat\(str2, "  "\);



printf\("The str1 has the value =%s\\n\\n",str1\);

printf\("The str2 has the value =%s\\n\\n",str2\);

    

        \}

printf("\n\n\n The output line 3=%s\n",str1);

}

Please let me know if str1 is stuffed more than what it can hold, should it take the values from str2 ? as arrays are stored by contiguous memory location.

jim_mcnamara · February 14, 2008, 2:59pm

You are asking what happens with string overflow. Some systems have kernel traps to prevent it. But normally, the overflow goes into the stack down toward the start of the next variable

#include <stdlib.h>
int main(int argc, char **argv)
{
	char a[3]={0x0};
	char b[3]={0x0};
	char c[3]={0x0};
	int i=0;

	for(i=0; i<atoi(argv[1]);i++) b=i+48;
	printf("iterations=%d ", atoi(argv[1]) );
	printf("a=%s b=%s c=%s ", a,b,c);
	printf("addr a=%x addr b=%x addr c=%x\n", a,b,c);
	return 0;

}

output

Once you write enough characters it starts to write in variable "c" memory. char is normally memory aligned on the stack to a word boundary - on this system 8 bytes.
While variables are contiguous in a sense, they can have filler between them.

dhanamurthy · February 14, 2008, 3:32pm

Hi
From your example i understand that only 8 bytes are stored in variable b and the 9th byte is stored in c (while we try to write it in b).

Correct me if my understanding is wrong.

My point here is ....
(to the point in my example)

char str1[20];
char str2[20;

if str1 is overflowed and str2 is also in the process of adding values to it.
At a point where str1 is overflowed the next value i.e 21st position will point to the location of str2[0] ??

Let me know if you are unable to understand.

Regards
Dhanamurthy

jim_mcnamara · February 14, 2008, 5:31pm

*I understood from the beginning. I said they are not truly contiguous in memory.
Why? they are 20 chars long. 20 % 8 == 4 There are 4 bytes between them. Very probably.

The first position in memory after str1 (str1["21"] which does not really exist) is very likely NOT str2[0].

Why only very likely NOT true?

How things are positioned in memory is implementation dependent. So I cannot guarantee where str1 and str2 live in memory because you may be running a non-standard compiler or running in a special unix environment.

In the environments I do know they will not be back-to-front in memory. There will be a gap. Why don't you just modify my code and see?