string handling with realloc

[nik2]

hi

realloc function if i remember correct is like this

Code:

void *realloc (void *ptr, unsigned int size)

i tried using it like this

Code:

#include <stdio.h>
#include <stdlib.h>


int main(void){
    
    char *z;
    
    z = (char *)malloc(3*sizeof(char));
    
    z = "abc";
    
    z = (char *)realloc(z,2);

    printf("%s\n",z);
    free(z);
    getchar();
  
  
   return 0;

}

the output is

Code:

abc

why? shouldnt it be

Code:

ab

?

thanks

[cas]

First off, I'm surprised that this code didn't crash. When you do

Code:

z = "abc";

you're overwriting the pointer returned by malloc(). You're then passing the address of a string literal to realloc(), which is undefined. What you probably meant to do was use strcpy(). But that leads to problem #2: strings include a terminating null character. If you want to store "abc" you need 4 bytes, not 3. Here's your program rewritten:

Code:

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int main(void)
{
  char *z = malloc(4);
  strcpy(z, "abc");
  realloc(z, 3);
  puts(z);
  return 0;
}

Note that sizeof(char) is 1 so it's not necessary to multiply by it. This code also doesn't do any error checking, but that's OK for a little test.

You'll probably get the same result with this code (printing out abc instead of ab), and here's why: the three bytes that z now points to contain no null character. Passing z to puts() or printf("%s") results in undefined behavior because those functions expect a string, and a string requires a null character. These functions just run off the end of the string, and since you shrunk it, realloc() probably didn't have to return a new address, so you get a pointer to all 4 bytes that were originally there. You're just not allowed to use them.

In C it's up to you to make sure you pass valid data to functions. printf() has no idea how much memory has been allocated, so it relies on you to put a null character somewhere when printing out a string. Simply shrinking the memory area is not enough: you have to add a new null byte somewhere in the newly allocated area, or it's not a string.

[nadroj]

Code:

    z = (char *)malloc(3*sizeof(char));
    
    z = "abc"

The first line allocates 3 bytes of memory, so it can store a string of "length" 2 (because one byte is for the terminating character). So the next line of code, if it was correct, would be a buffer overflow.

However, the next line of code isnt correct. You're reassigning the pointer to a new, literal string. So that the pointer you "malloc"ed is lost, thus a memory leak. Next:

Code:

    z = (char *)realloc(z,2);

    printf("%s\n",z);

Lets assume the string was properly assigned, say, by using "strcpy", so that it contains the (buffer overflowed) value of 4 characters "abc\0".

The function may move the memory block to a new location, in which case the new location is returned. The content of the memory block is preserved up to the lesser of the new and old sizes, even if the block is moved.

So in the case of the block of memory not being moved, the variable now is 2 bytes long. So you can do anything with those 2 bytes--anything more is a bad idea. Also, since the block of memory wasnt moved, the 2 bytes are still "ab", followed by the other 2 bytes "c\0". Since when you print strings, they print until the terminating '\0', it will print "abc".

In the case that the block of memory is moved, it will still print "ab", followed by however many bytes are in memory after that, up until a terminating character is found. As you can see, this is pretty unpredictable behaviour.

[nik2]

thanks i get it now