CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Page 1 of 2 12 LastLast
Results 1 to 15 of 18
  1. #1
    Join Date
    Jun 2013
    Posts
    32

    Help! free() invalid pointer error

    Hello all,

    I have code to read in a message via tcp/ip as show below:

    Code:
        // keep reading until "size" bytes received
        bytes = 0;
        while(bytes < size)
        {
            uint8_t* buffer = (uint8_t*)malloc(size);
            bzero(buffer, size);
            ret = recv(socket, buffer, size, MSG_NOSIGNAL);
            if(ret< 0)
            {
                free(buffer);
                *message = NULL;
                return -1;
            }
            bytes += snprintf((char*)*message+bytes, size+1-bytes, "%s", buffer);
            free(buffer);
        }
    }
    when I run this code with a message of size 35 or below it works.. when I increase the message size to 36 or above it crashes with:

    Code:
    *** Error in `./test': free(): invalid pointer: 0x09d97510 ***
    message is passed into the function as: uint8_t** message

    size is the size of the message being received in bytes.

    When the code is done, "message" always has the right string, I am just crashing on the free(). Any idea what is wrong?

    Thanks!
    Chris
    Last edited by clow; February 5th, 2016 at 03:33 PM.

  2. #2
    Join Date
    Jun 2013
    Posts
    32

    Re: Help! free() invalid pointer error

    one interesting thing to note that "bytes" is 35 when ret is 35.. however bytes is 37 when ret is 36..

    I imagine my snprintf is messed up somehow.

    Anyone know what I did incorrect?

    Thanks!
    Last edited by clow; February 5th, 2016 at 03:50 PM.

  3. #3
    VictorN's Avatar
    VictorN is offline Super Moderator Power Poster
    Join Date
    Jan 2003
    Location
    Hanover Germany
    Posts
    20,396

    Re: Help! free() invalid pointer error

    Quote Originally Posted by clow View Post
    Code:
            ...
            bytes += snprintf((char*)*message+bytes, size+1-bytes, "%s", buffer);
            free(buffer);
        }
    }
    What is *message? Where and how was it defined?
    Victor Nijegorodov

  4. #4
    Join Date
    Jun 2013
    Posts
    32

    Re: Help! free() invalid pointer error

    message is passed in as:

    Code:
    uint8_t** message
    The code works if I malloc (size+1) and recv (size+1)....

  5. #5
    Join Date
    Nov 2003
    Posts
    1,902

    Re: Help! free() invalid pointer error

    >> ... "%s", buffer);
    You are assuming that buffer is a NULL terminated string. But recv() could fill the whole thing up w/o a terminator.

    gg

  6. #6
    VictorN's Avatar
    VictorN is offline Super Moderator Power Poster
    Join Date
    Jan 2003
    Location
    Hanover Germany
    Posts
    20,396

    Re: Help! free() invalid pointer error

    Quote Originally Posted by clow View Post
    message is passed in as:

    Code:
    uint8_t** message
    The code works if I malloc (size+1) and recv (size+1)....

    And how is it related with the documentation about snprintf: http://www.cplusplus.com/reference/cstdio/snprintf/ ?
    Didn't you allocate a buffer with enough size?
    Victor Nijegorodov

  7. #7
    Join Date
    Jun 2013
    Posts
    32

    Re: Help! free() invalid pointer error

    Victor, I don't understand what you are asking?

  8. #8
    2kaud's Avatar
    2kaud is offline Super Moderator Power Poster
    Join Date
    Dec 2012
    Location
    England
    Posts
    7,822

    Re: Help! free() invalid pointer error

    The code works if I malloc (size+1) and recv (size+1)....
    malloc() and bzero() should be size + 1 but recv() should be size so that the final char in buffer is always 0 to null-terminate. Is snprintf() off by 1??

    But why use snprintf? Why allocate/free the memory everytime through the loop? Why not use memcpy()? Something like (not tried)
    Code:
    	#define BUFSIZE 100
    	uint8_t *const buffer = (uint8_t *const)malloc(BUFSIZE);
    
    	for (int bytes = 0, ret = 0; bytes < BUFSIZE; bytes += ret)
    	{
    		if ((ret = recv(socket, buffer, BUFSIZE - bytes, MSG_NOSIGNAL)) < 0)
    		{
    			free(buffer);
                            *message = NULL;    //Does this not cause a memory leak as memory pointed to by *message is not freed?
    			return -1;
    		}
    		memcpy(*message + bytes, buffer, ret);
    	}
    	free(buffer);
    	*(*message + BUFSIZE) = '\0';		//Null terminate message if needed
    Last edited by 2kaud; February 5th, 2016 at 06:13 PM. Reason: Added null terminator, comments
    All advice is offered in good faith only. All my code is tested (unless stated explicitly otherwise) with the latest version of Microsoft Visual Studio (using the supported features of the latest standard) and is offered as examples only - not as production quality. I cannot offer advice regarding any other c/c++ compiler/IDE or incompatibilities with VS. You are ultimately responsible for the effects of your programs and the integrity of the machines they run on. Anything I post, code snippets, advice, etc is licensed as Public Domain https://creativecommons.org/publicdomain/zero/1.0/ and can be used without reference or acknowledgement. Also note that I only provide advice and guidance via the forums - and not via private messages!

    C++23 Compiler: Microsoft VS2022 (17.6.5)

  9. #9
    Join Date
    Jun 2013
    Posts
    32

    Re: Help! free() invalid pointer error

    Hi 2kaud,

    The memcpy seems not to work in your code above. "message" is passed is as:

    Code:
    uint8_t** message
    when I run the code and look at "*message" in the debugger, there is nothing there... any idea why this is not working?

    Thanks!
    Chris

  10. #10
    VictorN's Avatar
    VictorN is offline Super Moderator Power Poster
    Join Date
    Jan 2003
    Location
    Hanover Germany
    Posts
    20,396

    Re: Help! free() invalid pointer error

    Quote Originally Posted by clow View Post
    Hi 2kaud,

    The memcpy seems not to work in your code above. "message" is passed is as:

    Code:
    uint8_t** message
    when I run the code and look at "*message" in the debugger, there is nothing there... any idea why this is not working?
    None here cares how "message" is passed...
    The only question (I already asked in the post#3) is where and how "*message" is defined and allocated (with what buffer length).
    Victor Nijegorodov

  11. #11
    Join Date
    Jun 2013
    Posts
    32

    Re: Help! free() invalid pointer error

    declared before function:

    Code:
         uint8_t* message = NULL;
    passed into function:

    Code:
         funct(&message);
    initialized right before the loop inside function:

    Code:
        *message = (uint8_t*)malloc(size+1);
    Thanks!
    Chris
    Last edited by clow; February 8th, 2016 at 12:02 PM.

  12. #12
    VictorN's Avatar
    VictorN is offline Super Moderator Power Poster
    Join Date
    Jan 2003
    Location
    Hanover Germany
    Posts
    20,396

    Re: Help! free() invalid pointer error

    Quote Originally Posted by clow View Post
    ...
    initialized right before the loop inside function:

    Code:
        *message = (uint8_t*)malloc(size+1);
    And could you now post the compilable code (that compiles!) of this function?
    Victor Nijegorodov

  13. #13
    Join Date
    Jun 2013
    Posts
    32

    Re: Help! free() invalid pointer error

    sorry it worked.. I was trying to debug optimized code I think

  14. #14
    Join Date
    Jun 2013
    Posts
    32

    Re: Help! free() invalid pointer error

    one last question.. when I attempt to NULL terminate I get this compilation error:

    Code:
    error: invalid operands to binary * (have ‘uint8_t ** {aka unsigned char **}’ and ‘uint32_t {aka unsigned int}’)
         *(message*+size) = '\0';
    what am i doing wrong?

  15. #15
    VictorN's Avatar
    VictorN is offline Super Moderator Power Poster
    Join Date
    Jan 2003
    Location
    Hanover Germany
    Posts
    20,396

    Re: Help! free() invalid pointer error

    Quote Originally Posted by clow View Post
    one last question.. when I attempt to NULL terminate I get this compilation error:
    ...
    what am i doing wrong?
    Again: show your actual code!
    Victor Nijegorodov

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  





Click Here to Expand Forum to Full Width

Featured