-
February 5th, 2016, 03:26 PM
#1
Help! free() invalid pointer error
Hello all,
I have code to read in a message via tcp/ip as shown below:
Code:
// keep reading until "size" bytes received
bytes = 0;
while(bytes < size)
{
    uint8_t* buffer = (uint8_t*)malloc(size);
    bzero(buffer, size);
    ret = recv(socket, buffer, size, MSG_NOSIGNAL);
    if(ret < 0)
    {
        free(buffer);
        *message = NULL;
        return -1;
    }
    bytes += snprintf((char*)*message+bytes, size+1-bytes, "%s", buffer);
    free(buffer);
}
}
when I run this code with a message of size 35 or below it works.. when I increase the message size to 36 or above it crashes with:
Code:
*** Error in `./test': free(): invalid pointer: 0x09d97510 ***
message is passed into the function as: uint8_t** message
size is the size of the message being received in bytes.
When the code is done, "message" always has the right string, I am just crashing on the free(). Any idea what is wrong?
Thanks!
Chris
Last edited by clow; February 5th, 2016 at 03:33 PM.
-
February 5th, 2016, 03:38 PM
#2
Re: Help! free() invalid pointer error
One interesting thing to note is that "bytes" is 35 when ret is 35.. however bytes is 37 when ret is 36..
I imagine my snprintf is messed up somehow.
Anyone know what I did incorrectly?
Thanks!
Last edited by clow; February 5th, 2016 at 03:50 PM.
-
February 5th, 2016, 04:28 PM
#3
Re: Help! free() invalid pointer error
Originally Posted by clow
Code:
...
bytes += snprintf((char*)*message+bytes, size+1-bytes, "%s", buffer);
free(buffer);
}
}
What is *message? Where and how was it defined?
Victor Nijegorodov
-
February 5th, 2016, 04:33 PM
#4
Re: Help! free() invalid pointer error
message is passed in as:
The code works if I malloc (size+1) and recv (size+1)....
-
February 5th, 2016, 04:40 PM
#5
Re: Help! free() invalid pointer error
>> ... "%s", buffer);
You are assuming that buffer is a NULL terminated string. But recv() could fill the whole thing up w/o a terminator.
gg
-
February 5th, 2016, 04:46 PM
#6
Re: Help! free() invalid pointer error
Originally Posted by clow
message is passed in as:
The code works if I malloc (size+1) and recv (size+1)....
And how is it related with the documentation about snprintf: http://www.cplusplus.com/reference/cstdio/snprintf/ ?
Didn't you allocate a buffer with enough size?
Victor Nijegorodov
-
February 5th, 2016, 04:48 PM
#7
Re: Help! free() invalid pointer error
Victor, I don't understand what you are asking?
-
February 5th, 2016, 05:23 PM
#8
Re: Help! free() invalid pointer error
The code works if I malloc (size+1) and recv (size+1)....
malloc() and bzero() should be size + 1 but recv() should be size so that the final char in buffer is always 0 to null-terminate. Is snprintf() off by 1??
But why use snprintf? Why allocate/free the memory every time through the loop? Why not use memcpy()? Something like (not tried)
Code:
#define BUFSIZE 100
uint8_t *const buffer = (uint8_t *const)malloc(BUFSIZE);
for (int bytes = 0, ret = 0; bytes < BUFSIZE; bytes += ret)
{
    // recv() returns 0 when the peer closes the connection; treat that as a
    // failure too, otherwise bytes never advances and the loop never ends
    if ((ret = recv(socket, buffer, BUFSIZE - bytes, MSG_NOSIGNAL)) <= 0)
    {
        free(buffer);
        *message = NULL; //Does this not cause a memory leak as memory pointed to by *message is not freed?
        return -1;
    }
    memcpy(*message + bytes, buffer, ret);
}
free(buffer);
*(*message + BUFSIZE) = '\0'; //Null terminate message if needed
Last edited by 2kaud; February 5th, 2016 at 06:13 PM.
Reason: Added null terminator, comments
All advice is offered in good faith only. All my code is tested (unless stated explicitly otherwise) with the latest version of Microsoft Visual Studio (using the supported features of the latest standard) and is offered as examples only - not as production quality. I cannot offer advice regarding any other c/c++ compiler/IDE or incompatibilities with VS. You are ultimately responsible for the effects of your programs and the integrity of the machines they run on. Anything I post, code snippets, advice, etc is licensed as Public Domain https://creativecommons.org/publicdomain/zero/1.0/ and can be used without reference or acknowledgement. Also note that I only provide advice and guidance via the forums - and not via private messages!
C++23 Compiler: Microsoft VS2022 (17.6.5)
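A self-contained version of the receive loop discussed in this thread, added here as an example (it is not code from any poster). It counts bytes from recv()'s return value instead of snprintf()'s, writes straight into the destination, and terminates with `out[size]`; the names `recv_message` and `demo_roundtrip` and the 36-byte payload are constructed for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>

/* Hypothetical helper: read exactly `size` bytes from `sock` into a freshly
 * allocated, NUL-terminated buffer returned through *message.
 * Returns 0 on success, -1 on error or if the peer closes early. */
int recv_message(int sock, uint8_t **message, size_t size)
{
    *message = NULL;
    /* size + 1 would wrap for SIZE_MAX, so refuse it */
    uint8_t *out = (size == SIZE_MAX) ? NULL : malloc(size + 1);
    if (out == NULL)
        return -1;
    size_t bytes = 0;
    while (bytes < size) {
        /* Ask only for what is still missing and write it in place. */
        ssize_t ret = recv(sock, out + bytes, size - bytes, 0);
        if (ret < 0 && errno == EINTR)
            continue;
        if (ret <= 0) {                 /* error, or peer closed (0) */
            free(out);
            return -1;
        }
        bytes += (size_t)ret;           /* count what recv() reported */
    }
    out[size] = '\0';                   /* one spare byte was allocated for this */
    *message = out;
    return 0;
}

/* Constructed check: a 36-byte payload sent in two pieces over a socketpair. */
int demo_roundtrip(void)
{
    static const char payload[] = "0123456789abcdefghijklmnopqrstuvwxyz";
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0)
        return -1;
    send(sv[0], payload, 20, 0);
    send(sv[0], payload + 20, 16, 0);
    uint8_t *msg = NULL;
    int rc = recv_message(sv[1], &msg, 36);
    int ok = (rc == 0 && msg != NULL && memcmp(msg, payload, 37) == 0);
    free(msg);
    close(sv[0]); close(sv[1]);
    return ok ? 0 : -1;
}
```

Because the received bytes are never treated as a C string until the terminator is written, it does not matter whether the sender included a NUL.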
-
February 8th, 2016, 11:02 AM
#9
Re: Help! free() invalid pointer error
Hi 2kaud,
The memcpy seems not to work in your code above. "message" is passed in as:
when I run the code and look at "*message" in the debugger, there is nothing there... any idea why this is not working?
Thanks!
Chris
-
February 8th, 2016, 11:14 AM
#10
Re: Help! free() invalid pointer error
Originally Posted by clow
Hi 2kaud,
The memcpy seems not to work in your code above. "message" is passed in as:
when I run the code and look at "*message" in the debugger, there is nothing there... any idea why this is not working?
No one here cares how "message" is passed...
The only question (I already asked in post #3) is where and how "*message" is defined and allocated (with what buffer length).
Victor Nijegorodov
-
February 8th, 2016, 11:54 AM
#11
Re: Help! free() invalid pointer error
declared before function:
Code:
uint8_t* message = NULL;
passed into function:
initialized right before the loop inside function:
Code:
*message = (uint8_t*)malloc(size+1);
Thanks!
Chris
Last edited by clow; February 8th, 2016 at 12:02 PM.
-
February 8th, 2016, 12:08 PM
#12
Re: Help! free() invalid pointer error
Originally Posted by clow
...
initialized right before the loop inside function:
Code:
*message = (uint8_t*)malloc(size+1);
And could you now post the compilable code (that compiles!) of this function?
Victor Nijegorodov
-
February 8th, 2016, 12:25 PM
#13
Re: Help! free() invalid pointer error
sorry it worked.. I was trying to debug optimized code I think
-
February 8th, 2016, 12:36 PM
#14
Re: Help! free() invalid pointer error
one last question.. when I attempt to NULL terminate I get this compilation error:
Code:
error: invalid operands to binary * (have ‘uint8_t ** {aka unsigned char **}’ and ‘uint32_t {aka unsigned int}’)
*(message*+size) = '\0';
What am I doing wrong?
-
February 8th, 2016, 12:39 PM
#15
Re: Help! free() invalid pointer error
Originally Posted by clow
one last question.. when I attempt to NULL terminate I get this compilation error:
...
what am i doing wrong?
Again: show your actual code!
Victor Nijegorodov