```c
char * input = (char*)malloc(256);

scanf("%s", input);
```

Seg fault. Why? I have a lot of trouble with strings in C, but I feel like everything is done right here. I even followed an example from a 100k+ SO user to the letter.

  • Don't cast the result from `malloc`. – Piotr Praszmo Oct 07 '12 at 18:36
  • Have you checked that input != null? – BlackBear Oct 07 '12 at 18:36
  • How much input do you get? Out-of-bounds access is a candidate. – Daniel Fischer Oct 07 '12 at 18:37
  • Are you sure this is where your code segfaults? – Michael Mior Oct 07 '12 at 18:38
  • As @Banthar said, do not cast the return value of malloc in C. It is unnecessary and, on some compilers, can hide the fact that you forgot to include `stdlib.h` (`malloc` will be assumed to be a function returning `int`). That could be your problem here. – Ed S. Oct 07 '12 at 18:38
  • Yes, Banthar/Ed S. were correct. – temporary_user_name Oct 07 '12 at 18:39
  • There's no obvious errors in your code (unless you input more than 256 chars) that could give seg fault. Post the complete code. – P.P Oct 07 '12 at 18:40
  • @KingsIndian: Perhaps not an "error", but casting the result if `malloc` is obviously the wrong thing to do and can cause something like this to happen. – Ed S. Oct 07 '12 at 18:51
  • Is it really that obvious? It seems very subtle to me. – temporary_user_name Oct 07 '12 at 18:54
  • @Aerovistae: To anyone who has a fair amount of experience in C (pre-C89), yes, it jumps out. – Ed S. Oct 07 '12 at 18:56
  • @Aerovistae: You said they're correct, but you haven't answered any of the questions you've been asked. Please do so. Exactly what input did your program receive? Do you have `#include ` and `#include ` at the top of your source file? If not, does adding them change the behavior? – Keith Thompson Oct 07 '12 at 19:06
  • Input: "hi". Yes, I have all includes. The complete program is just this inside a While loop, as a main function. I am sufficiently competent to know what's irrelevant to a given error, fortunately. Just bad with C strings. – temporary_user_name Oct 07 '12 at 19:08
  • If you don't have `#include `, *and* if your compiler isn't enforcing C99 rules, *and* if `char*` and `int` have different sizes on your system, then it's very likely that cast on `malloc()` is the problem. Under those circumstances, the compiler would *assume* that `malloc()` returns an `int` result; it would convert that `int` value to `char*`. But your time is better spent fixing the code (which would be wrong even if it happened to work for you). Add the `#include` directives, delete the cast, make sure you don't feed `scanf` too much input, and tell us what happens. – Keith Thompson Oct 07 '12 at 19:09
  • Deleting the cast repaired the code. – temporary_user_name Oct 07 '12 at 19:09
  • @Aerovistae: Frankly, if you were "sufficiently competent to know what's irrelevant to a given error" you wouldn't be asking for our help. Please give us complete information from the beginning so we don't have to waste our time wondering what unshown errors you've made. We have no idea how competent you are. – Keith Thompson Oct 07 '12 at 19:10
  • @Aerovistae: Interesting. What are `sizeof (int)` and `sizeof (void*)` on your system? (In my previous comment, I should have said `void*`, not `char*`.) – Keith Thompson Oct 07 '12 at 19:11
  • @KeithThompson, I'm sorry, but I think you're overanalyzing this. I realize that what you say is generally true on SO, but in this case, what I said was enough information, and the first commenter fixed the problem in 6 words. – temporary_user_name Oct 07 '12 at 20:25
  • @Aerovistae: Perhaps so, but *given the information you gave us* there are plenty of other possible explanations, and there are plenty of environments in which adding or removing the cast would have no visible effect. (The cast should definitely be removed, but it wasn't at all clear that that was the solution.) – Keith Thompson Oct 08 '12 at 07:28

2 Answers


The bug could be caused by:

  • malloc() failing to allocate any memory, check the result against NULL.
  • by a buffer overrun from scanf, more than 256 characters.
  • by forgetting to include <stdlib.h> and then typecasting the result of malloc. More info here.

You need to ensure your buffer is large enough, including enough space for the trailing NUL (0 byte) at the end of the string. Otherwise, you get a buffer overflow that may lead to a segfault.

  • And since `scanf("%s", input);` reads an arbitrarily large number of characters from standard input, you *can't* reliably ensure that the buffer is large enough. `scanf`'s `"%s"` format is just as dangerous as `gets()` (which has been removed from the language). But the behavior can be well defined *if* you don't enter too many characters. – Keith Thompson Oct 07 '12 at 19:04
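The two answers and the comment above make three separate points: check the `malloc` result, drop the cast (and include `<stdlib.h>`), and never hand `scanf` an unbounded `"%s"`. The following is an added example, not code from the question or from either answerer, that puts all three into one program. The function names (`alloc_buffer`, `token_format`, `scan_token`, `read_token`, `demo_bounded_read`) are my own, and the over-long input in `demo_bounded_read` is constructed for the demonstration. The key idea is that the `scanf` field width is derived from `sizeof` the buffer (`"%255s"` for a 256-byte buffer), so the limit and the allocation cannot drift apart:

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Allocate cap bytes. No cast on malloc: with <stdlib.h> included the void*
 * converts implicitly, and a missing header then produces a diagnostic
 * instead of a silent "malloc returns int" assumption. A NULL result is
 * reported, never dereferenced. */
char *alloc_buffer(size_t cap)
{
    char *p = malloc(cap);
    if (p == NULL)
        perror("malloc");
    return p;
}

/* Write a conversion such as "%255s" for a buffer of cap bytes, so the field
 * width always leaves one byte for the terminating NUL. Returns 0 on success,
 * -1 if cap cannot hold one character plus the NUL or fmt is too small. */
int token_format(char *fmt, size_t fmtcap, size_t cap)
{
    if (cap < 2)
        return -1;
    if (snprintf(fmt, fmtcap, "%%%zus", cap - 1) >= (int)fmtcap)
        return -1;
    return 0;
}

/* Parse one whitespace-delimited token from src into buf, storing at most
 * cap - 1 characters plus NUL. sscanf honours the width exactly as scanf
 * does on stdin. Returns the number of characters stored, or -1 if no token
 * was found. */
int scan_token(const char *src, char *buf, size_t cap)
{
    char fmt[32];
    if (token_format(fmt, sizeof fmt, cap) != 0)
        return -1;
    if (sscanf(src, fmt, buf) != 1)
        return -1;
    return (int)strlen(buf);
}

/* Same as scan_token, but reading from a stream (stdin in the original). */
int read_token(FILE *in, char *buf, size_t cap)
{
    char fmt[32];
    if (token_format(fmt, sizeof fmt, cap) != 0)
        return -1;
    if (fscanf(in, fmt, buf) != 1)
        return -1;
    return (int)strlen(buf);
}

/* Constructed demonstration: a 16-byte buffer followed by a canary is fed a
 * 40-character token. With the width in place only 15 characters plus NUL
 * land in buf and the canary survives. Returns the stored length, or -1 if
 * the canary was overwritten (which is what an unbounded "%s" would do). */
int demo_bounded_read(void)
{
    struct { char buf[16]; char canary[8]; } g;
    char input[64];
    memset(input, 'A', 40);
    input[40] = '\0';                 /* constructed over-long input */
    memcpy(g.canary, "CANARY!", 8);
    memset(g.buf, 0, sizeof g.buf);

    int n = scan_token(input, g.buf, sizeof g.buf);
    if (memcmp(g.canary, "CANARY!", 8) != 0)
        return -1;
    return n;
}

int main(void)
{
    char *input = alloc_buffer(256);
    if (input == NULL)
        return EXIT_FAILURE;
    /* Equivalent to scanf("%255s", input), with the width tied to the size. */
    int n = read_token(stdin, input, 256);
    if (n >= 0)
        printf("read %d chars: %s\n", n, input);
    free(input);
    return n >= 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

Feed it a 300-character word and it stores the first 255, leaves the rest in the stream, and never writes past the allocation; feed it nothing (EOF) and it exits non-zero instead of touching an uninitialised buffer. If the allocation size is later changed, only the one `256` in `main` needs to follow, because the format width is computed rather than typed by hand.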