Thread: how come I can exceed array scope

In my struggle to learn C, I came across a situation where I can assign values to indices outside of array scope, or it seems to me I can. The code looks like this:

Code:

#include <stdio.h>
#include <stdlib.h>

int main(void)
{
  unsigned char c;  
  char aoeui[1];
  srand (time(NULL));
  int i = 0;  
  while (i < 10)
    {     
      c = (rand() % 255); 
      if (isalnum(c))
    {      
      printf("%c\n", c); 
      aoeui[i] = c;
      ++i;      
    }
    }
  printf("----\n");
  printf("%s\n", aoeui);  
  return 0;
}

I tried to write the simplest possible random string generator. I declare an array of size 1:

Code:

char aoeui[1];

But when it's printed,

Code:

printf("%s\n", aoeui);

10 characters are printed on the screen, for example:

Code:

j
O
b
j
L
5
a
q
J
N
----
jObjL5aqJN

I don't understand why it happens.

C lets you get away with a lot of stupid things.
Your program has actually two problems.
Your'e overwriting array bounds and you try to print a string that is not zero terminated -> undefined behaviour. That means everything can happen. It can even apper to work correctly.
Kurt

from Bounds checking - Wikipedia, the free encyclopedia

"Many programming languages, such as C, never perform automatic bounds checking, to raise speed. However, this leaves uncaught many off-by-one errors and buffer overflows. Many programmers believe these languages sacrifice too much for rapid execution. "

I didn't know about that. thanks.
Is this program for generating random strings correct or would you change something:

Code:

#include <time.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
 
int main(void)
{
  char string[30];  
  /* Length of the password */
  unsigned short int length = 30;
 
  /* Seed number for rand() */
  srand((unsigned int) time(0) + getpid());
 
  /* ASCII characters 33 to 126 */
  while (length--) {
    string[length] = rand() % 94 + 33;    
  }
 
  printf("%s\n", string);  
  return EXIT_SUCCESS;
}

@OP: take "incorrect"'s suggestion, but I'd recommend using character constants ('a') instead of numbers (94).

> Many programmers believe these languages sacrifice too much for rapid execution.
Not really relevant, but this belief is fallacious on so many levels. Part of the beauty of C is that it's directly translated into assembly, allowing the same speed with much greater portability. Adding any automatic checks like this that aren't present in assembly (unlike push/pop) defeats the purpose of this, especially when it's only designed to prevent human error.

If anything, compilers could be written to produce warnings about out-of-bounds access, but still compile normally (you might sometimes want this for testing/etc.).

I've ended up with the following function:

Code:

#include <time.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

void random_string(char * string, unsigned length)
{
  /* Seed number for rand() */
  srand((unsigned int) time(0) + getpid());
  
  /* ASCII characters 33 to 126 */
  while (length--) {
    string[length] = rand() % 94 + 33;   
  }
}

int main(void)
{
  char s[30];
  random_string(s, 30);  
  printf("%s\n", s);  
  return 0;
}

IMO it should be something like this:

Code:

#include <time.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

void random_string(char * string, unsigned length)
{
  /* Seed number for rand() */
  srand((unsigned int) time(0) + getpid());
  
  /* ASCII characters 33 to 126 */
  int i;  
  for (i = 0; i < length; ++i)
    {
      string[i] = rand() % 94 + 33;
    }

  string[i] = '\0';  
}

int main(void)
{
  char s[31];
  random_string(s, 30);
  printf("%s\n", s);  
  return 0;
}

We need to make suere that string is terminated with '\0