Release memory problem

**fgutierrez** · 10-15-2007

Hi! I had problem in the next code. In it, I want to carry out a tokenizer for getting some parameters values written in a text file.

Code:

/* Se lee el valor del par&#225;metro Longitud del s&#237;mbolo Apex */

       p_cadena=p_cadena+2;
       char *param_cpy=(char*)calloc(strlen(&(cadena[p_cadena])),sizeof(char));
       strcpy(param_cpy,&(cadena[p_cadena]));
       char *lg=strtok(param_cpy,",");
       p_cadena=p_cadena+strlen(lg);
       *result=sscanf(lg,"&#37;f",l);       free(param_cpy);

In the character chain 'param_cpy' I allocate memory in order to copy a fragment of the text chain being descomposed. After i get the token, a want to release this memory. Howewer, when i try doing it, the program crash in execution time. The instruction causing the problem is marked in red in the code above. I don´t understand the reason which this problem occurs for. Someone could help me?

Thank you.

Fernando Gutiérrez

**matsp** · 10-15-2007

As this is C++ I will not say "You shouldn't cast malloc/calloc"...

Code:

calloc(strlen(&(cadena[p_cadena])),sizeof(char));

Leading question: How long is this section, and how long a string does it cope with?

Is there something in a string, that makes it take up a tiny bit more space than you'd immediately think?

--
Mats

**Salem** · 10-15-2007

Your calloc doesn't count the \0 at the end of the string, which will be copied (and which will trash memory when the strcpy happens).

Say
char *param_cpy=calloc(strlen(&(cadena[p_cadena]))+1,sizeof(char));

Also, using calloc instead of malloc has no advantage in this instance, since you're going to overwrite all the data with the following strcpy().

**cpjust** · 10-15-2007

Try allocating 1 or 2 extra bytes. Maybe strcpy() is filling param_cpy and not leaving a NULL at the end, or maybe there's no NULL at the end of cadena[p_cadena] and you're overflowing the buffer?
Use strncpy() to prevent buffer overflow.

**Salem** · 10-15-2007

> or maybe there's no NULL at the end of cadena[p_cadena] and you're overflowing the buffer?
Then the strlen() itself would have failed.

**fgutierrez** · 10-15-2007

[QUOTE=Salem;678980]Your calloc doesn't count the \0 at the end of the string, which will be copied (and which will trash memory when the strcpy happens).

Say
char *param_cpy=calloc(strlen(&(cadena[p_cadena]))+1,sizeof(char));
[QUOTE]

I've to review my code, but I think that you are right and that is the reason for that my program crashes. Thank you

Originally Posted by Salem

Also, using calloc instead of malloc has no advantage in this instance, since you're going to overwrite all the data with the following strcpy().

My question is if using malloc instead of malloc have some advantage.

**Salem** · 10-15-2007

calloc does more work than malloc (it is after all just malloc + memset), so unless you need that feature, it isn't worth doing IMO.

Also, calloc doesn't necessarily result in valid data, especially where floats and pointers are concerned.
http://c-faq.com/malloc/calloc.html

**CornedBee** · 10-15-2007

And once you use malloc instead of calloc, why not use new[] instead?

**robatino** · 10-15-2007

> calloc does more work than malloc (it is after all just malloc + memset), so unless you need that feature, it isn't
> worth doing IMO.

Not to mention that it confuses people reading your code trying to figure out where you use the initialization, only to finally realize you don't.

Release memory problem

LinkBack

Thread Tools

Display

Release memory problem

Similar Threads

Question regarding Memory Leak

Memory problem with Borland C 3.1

A question related to strcmp

Pointer's

Memory Problem - I think...