Re: pointer one past malloc.ed memory
From: pete (pfiland_at_mindspring.com)
Date: 07/12/04
- Next message: Richard Bos: "Re: Is it time for secure C ?"
- Previous message: Martin Ambuhl: "Re: how to access a file in C:\"
- In reply to: Sushil: "Re: pointer one past malloc.ed memory"
- Next in thread: Richard Bos: "Re: pointer one past malloc.ed memory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Mon, 12 Jul 2004 10:39:04 GMT
Sushil wrote:
>
> > We generally don't know MIPS assembler and as a C programmer, you
> > shouldn't care. If you care to post some C code which exhibits the
> > problem, several people here might be more able to help you.
> >
> > Note that 0x80000000 is -2147483648 or INT_MIN on 32-bit systems.
>
> Thanks for your reply Joe and Pete.
>
> The simplified code is like this
> magic_struct *magic_ptr = ((magic_struct *) ((uchar *) ptr +
> ptr->size))- 1;
> where magic_struct contains two magic ulongs.
>
> The issue is ptr + ptr->size becomes 0x80000000 and -1 after pointer
> arithmetic is 8 bytes since sizeof(magic_struct) is 8. However, the
> compiler does not do the -8 part since it is compiled with -O3 (okay I
> know this is offtopic). Instead, when magic_ptr->magic1 is referenced
> (later) compiler offsets -8 from the above address at that point. This
> is overflowing and causing an address exception.
>
> The way I fixed it is I rearranged code
> magic_struct *magicptr = ((uchar *) ptr - sizeof(magic_struct)) +
> ptr->size;
If ptr is the lowest byte of the object,
then it is not safe to subtract from it.
It is safe to calculate the integer part first
and then add it to the pointer.
magic_struct *magicptr
= ptr->size - sizeof(magic_struct) + (uchar *)ptr;
>
> Question 1:
> Do you think this trick (the parentheses) will force it to calculate the
> entire thing? (It is working right now, but I am not confident it
> always will.)
No.
> Question 2:
> What does the language say about the address calculation.
There is a rule which explicitly allows the calculation
of an address one byte beyond an object, as long as it
is not dereferenced. There is no such rule for addresses
lower than an object lowest addressable byte.
> What is the signedness of the address when it comes to address arithmetic?
> For example, a pointer to a struct: is it signed or unsigned?
No. Pointers are scalar but not integer types.
The difference between two pointers
is a signed integer type called ptrdiff_t, defined in stddef.h.
-- pete
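The advice in the reply above (do the subtraction on the integer offset, then add the resulting non-negative offset to the base pointer, so no intermediate pointer ever lies below the object) as an added, self-contained C example; it is not code from the original thread. The block layout, the names trailer_of, block_create, block_check and block_capacity, and the magic values are assumptions made for the example. It also adds the check the thread does not spell out: the trailer address is only computed after confirming the block is large enough to hold a trailer, which is what keeps the size_t subtraction from wrapping.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical block layout, constructed for this example (not the original
 * poster's allocator): a size header, the caller's payload, and a two-word
 * magic trailer occupying the last bytes of the block. */
typedef struct {
    unsigned long magic1;
    unsigned long magic2;
} magic_struct;

typedef struct {
    size_t size;            /* total bytes in the block, header and trailer included */
    unsigned char data[];   /* payload starts here (C99 flexible array member) */
} block;

#define MAGIC1 0x5A5A5A5AUL
#define MAGIC2 0xA5A5A5A5UL
#define TRAILER_ALIGN sizeof(unsigned long)

/* Locate the trailer without ever forming an address below the block.
 * The subtraction is done on the size_t offset; only then is the offset
 * added to the base pointer, so every intermediate pointer stays inside
 * the object or one past its end. The rejected form
 *     ((unsigned char *)b - sizeof(magic_struct)) + b->size
 * forms a pointer below the object first, which C does not permit. */
static magic_struct *trailer_of(block *b)
{
    if (b == NULL || b->size < sizeof(block) + sizeof(magic_struct))
        return NULL;                                 /* too small to hold a trailer */
    size_t off = b->size - sizeof(magic_struct);     /* integer arithmetic only */
    return (magic_struct *)((unsigned char *)b + off);
}

/* Bytes of payload the caller may use. */
static size_t block_capacity(const block *b)
{
    return b->size - sizeof(block) - sizeof(magic_struct);
}

/* Allocate a block with at least `payload` usable bytes; the payload is
 * rounded up so the trailer is suitably aligned for unsigned long. */
static block *block_create(size_t payload)
{
    size_t rounded = (payload + TRAILER_ALIGN - 1) & ~(TRAILER_ALIGN - 1);
    if (rounded < payload ||
        rounded > SIZE_MAX - sizeof(block) - sizeof(magic_struct))
        return NULL;                                 /* size arithmetic would overflow */
    size_t total = sizeof(block) + rounded + sizeof(magic_struct);
    block *b = malloc(total);
    if (b == NULL)
        return NULL;
    b->size = total;
    memset(b->data, 0, rounded);
    magic_struct *m = trailer_of(b);                 /* cannot be NULL: size checked above */
    m->magic1 = MAGIC1;
    m->magic2 = MAGIC2;
    return b;
}

/* Return 1 if the trailer is intact, 0 if the block is missing, too small,
 * or the magic words have been overwritten (e.g. by a payload overflow). */
static int block_check(block *b)
{
    magic_struct *m = trailer_of(b);
    if (m == NULL)
        return 0;
    return m->magic1 == MAGIC1 && m->magic2 == MAGIC2;
}

int main(void)
{
    block *b = block_create(13);
    if (b == NULL)
        return 1;
    int ok_before = block_check(b);                  /* 1: trailer intact */
    memset(b->data, 'A', block_capacity(b) + 1);     /* one-byte overflow into the trailer */
    int ok_after = block_check(b);                   /* 0: magic1 clobbered */
    free(b);
    return (ok_before == 1 && ok_after == 0) ? 0 : 1;
}
```

The only pointer arithmetic is `(unsigned char *)b + off` with `0 <= off <= b->size`, so the result is always within the allocation; the question of the "signedness" of an address never arises because no pointer is ever negated or moved below the object.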