Pointers probably. (doing CGI)

To keep myself interested in C, I decided to start messing with CGI. I am just testing stuff out now, getting used to C for the web, but I have already hit a problem. I bet it is with my pointers, but I am not sure. The code I am testing is to get form data. What I have:

Code:

#include <stdio.h>
#include <stdlib.h>

void clear_string(char *string, int size);


int main(void)  {
  char *query;

  query = (char *)malloc(sizeof getenv("QUERY_STRING") + 1);
  clear_string(query, sizeof getenv("QUERY_STRING") + 1);
  query = getenv("QUERY_STRING");


  printf("Content-Type: text/html\n\n");

  printf("<html>\n");
  printf("<head>\n");
  printf("<title>CGI form test</title>\n");
  printf("</head>\n");
  printf("<body>\n");

  if ( strcmp(*query, NULL) )  {
    printf("<form action=\"cgiform.cgi\" method=\"post\">\n");
    printf("\tName: <input type=\"text\" name=\"name\" />\n");
    printf("\t<input type=\"submit\" value=\"Submit!\"/>\n");
    printf("</form>\n");
  }
  else  {
    printf("submitted");
    printf("\n%s", *query);
  }

  printf("</body>\n");
  printf("</html>\n");

  return(0);
}

void clear_string(char *string, int size)  {
  /* clear_string padds a pointer string with 'size' number of \0's (Nulls), making it usefull for both clearing strings, and preparing them for non-
     null terminated strings to be entered */

  int i;
  for (i = 0; i < size; ++i)  string[i] = '\0';

}

The clear string function is to clear the memoryspace with nulls for the query to be saved in, and I have used it to also clear one more space with a null character, so the string becomes null terminated when it is inserted.

Anyway, is this my pointer or what is it? I get a Segmentation fault when the script tries to compare the string to the null.

You shouldn't cast malloc() and you should free() your malloc()ed data. And you can use memset() instead of clear_string().

Code:

strcmp(*query, NULL)

strcmp() takes two char*s, and you're passing it a char and an invalid string. Not a good idea. Maybe you meant query==NULL.

Your problem (aside from what dwks pointed out) is here:

Code:

query = (char *)malloc(sizeof getenv("QUERY_STRING") + 1);

getenv() returns a pointer and when you use sizeof on a pointer you get...the size of the pointer (which is typically something like 2, 4, or 8 depending on your environment)! It's not the same as using sizeof on an array. That's right, all the times you heard that arrays and pointers are the same they were lying.

Just use strlen() instead of sizeof like so:

Code:

query = (char *)malloc(strlen(getenv("QUERY_STRING")) + 1);

You'll have to do the same thing with your call to clear_string() if you choose not to use memset().

Also, you should do a little more error checking. getenv() might return NULL, malloc() might return NULL, etc.

Originally Posted by dwks

You shouldn't cast malloc() and you should free() your malloc()ed data. And you can use memset() instead of clear_string().

That is the way I have seen it done everywhere I look (typecasted), And I will remember to free it when I am done with it. Thanks for that. (I will look into memset later, unless maybe you want to provide an example when you read this and save me tho trouble).

Code:

strcmp(*query, NULL)

strcmp() takes two char*s, and you're passing it a char and an invalid string. Not a good idea. Maybe you meant query==NULL.

I also tried strcmp(*query, "\0"), but got the same thing. And I also tried query == NULL a while ago and had some weird stuff going on.

PHP Code:

void *memset ( void *buffer, int c, size_t num ); 


Memset() fills a string with char c for num times. It's a loop in a function, basically.

PHP Code:

#include <stdio.h>
#include <string.h>
int main(void) 
{
   char str[] = "Almost every programmer should know memset.";
   memset(str, '-', 6);
   puts(str);
   return 0;
}

/* Output: ------ every programmer should know memset. */ 


Okay, I am going to try rewriting this. Let me just get some facts down first though.

- getenv returns a char pointer, and therefore to deturman(sp?) the length, instead of sizeof, I need strlen().
- to allocate the space for the query string and clear it, I would use malloc, and then memset like so:

Code:

query = (char *)malloc(strlen(getenv("QUERY_STRING")) + 1);
memset(query, "/0", strlen(getenv("QUERY_STRING")) + 1);

-comparing the value of the querystring to null would be:

Code:

if ( *query == NULL )

Correnc me on anything.

>> query = malloc(strlen(getenv("QUERY_STRING") + 1) * sizeof char );
That's the proper way to use malloc.

>> memset(query, '\0, strlen(getenv("QUERY_STRING")) + 1);
Be careful: memset's second parameter isn't a string, it's a character.

EDIT: In the future, just remember that forward slash is the devision operator and does nothing else.

And escape sequences are delineated by backslashes, so you probably just meant \0

Originally Posted by citizen

>> memset(query, '/0', strlen(getenv("QUERY_STRING")) + 1);
Be careful: memset's second parameter isn't a string, it's a character.

Yes, be careful. *ahem* '\0'

What does memset have to do with this anyway? Wouldn't you use strcpy to copy a string?

That's not what he's doing. He wants to clear the string.

Originally Posted by citizen

That's not what he's doing. He wants to clear the string.

Right. Why?

Overwrite the whole string so you can then overwrite the whole string (if that was being done correctly)?


[edit]Then again, why even bother with malloc?

Code:

printf("\n%s", *query);

Don't forget about fixing this one either.

Originally Posted by citizen

>> query = malloc(strlen(getenv("QUERY_STRING") + 1) * sizeof char );
That's the proper way to use malloc.

Okay. I will keep that in mind (what is the differance?)

>> memset(query, '\0, strlen(getenv("QUERY_STRING")) + 1);
Be careful: memset's second parameter isn't a string, it's a character.

EDIT: In the future, just remember that forward slash is the devision operator and does nothing else.

Oh, whoops. I forget that C's quotes are different like that.

-------------------------------------------------------------------

Originally Posted by Tonto

And escape sequences are delineated by backslashes, so you probably just meant \0

Yes, that was a typo.

-------------------------------------------------------------------

Originally Posted by Dave_Sinkula

Right. Why?

Overwrite the whole string so you can then overwrite the whole string (if that was being done correctly)?

I was told on another forum that when you got the query string, it was not delimited by a null character for some reason. So I was wanting to write over it with null characters to the lenght + one so that it was null terminated.

[edit]Then again, why even bother with malloc?

Because I am just gettng into C CGI, and using malloc allows you to dynamicly allocate memory, which I am using to allocate memory for form data when I may not know what size it is.

Originally Posted by Insenic

I was told on another forum that when you got the query string, it was not delimited by a null character for some reason.

Well, then you couldn't do strlen on it.

http://www.google.com/search?q=man+getenv

Originally Posted by Insenic

Because I am just gettng into C CGI, and using malloc allows you to dynamicly allocate memory, which I am using to allocate memory for form data when I may not know what size it is.

Do you need to allocate memory to store a new string? Or do you just need to point to one to do a string comparison?

Code:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main()
{
   char *query = getenv("QUERY_STRING");
   if ( query )
   {
      puts("Content-Type: text/html\n\n"
           "<html>\n"
           "<head>\n"
           "<title>CGI form test</title>\n"
           "</head>\n"
           "<body>");
      if ( strcmp(query, "") != 0 )
      {
         printf("submitted\n%s\n", query);
      }
      else
      {
         puts("<form action=\"cgiform.cgi\" method=\"post\">\n"
              "\tName: <input type=\"text\" name=\"name\" />\n"
              "\t<input type=\"submit\" value=\"Submit!\"/>\n"
              "</form>");
      }
      puts("</body>\n</html>");
   }
   return 0;
}

[edit]Or should it be this? (Not too familiar with CGI.)

Code:

#include <stdio.h>
#include <stdlib.h>

int main()
{
   char *query;
   puts("Content-Type: text/html\n\n"
        "<html>\n"
        "<head>\n"
        "<title>CGI form test</title>\n"
        "</head>\n"
        "<body>");
   query = getenv("QUERY_STRING");
   if ( query )
   {
      printf("submitted\n%s\n", query);
   }
   else
   {
      puts("<form action=\"cgiform.cgi\" method=\"post\">\n"
           "\tName: <input type=\"text\" name=\"name\" />\n"
           "\t<input type=\"submit\" value=\"Submit!\"/>\n"
           "</form>");
   }
   puts("</body>\n</html>");
   return 0;
}