0

My program crashes with the following lines:

    warning: HEAP[maze.exe]: warning: Heap block at 00392F30 modified at 00392F3B past requested size of 3

I am dynamically allocating space for a string

    int userReq() {
    char **maze=NULL;
    char *pchar;
    int i, test_cases, cur_test=0;
    int row, col;

    /* gather the amount of test cases */
    scanf("%d", &test_cases);
    do{
        scanf("%d",&row);
        scanf("%d",&col);
        /* allocate memory for char pointer row-wise */
        maze = (char **) malloc(row*sizeof(char*));

        for(i=0;i<row;i++)
            /* for each cell allocate the num of chars in cell */
            maze[i] = (char *) malloc(col*sizeof(char));

        for(i=0;i<row;i++)
            scanf("%s",maze[i]);
                /* this function does modify the maze by changing some of the spots to a different char */
                CallSomeFunctionHere(maze);


        /* free first the cells then the entire block */
        for(i=0;i<row;i++)
            free(maze[i]);
        free(maze);

        cur_test = cur_test + 1;

    }while(cur_test < test_cases);

    /* if we were successful then exit program with
    success */
    return 0;

    }

My program crashes after doing the logic then trying to free the memory.

cat
  • In C, don't cast malloc: http://stackoverflow.com/questions/605845/do-i-cast-the-result-of-malloc – Barmar Oct 25 '13 at 10:44
  • You mean that you get a crash when you want to free, right? – Sina R. Oct 25 '13 at 10:45
  • Are you sure the problem is not inside `CallSomeFunctionHere`? Also note that `CallSomeFunctionHere` is outside of the loop, is this what you want? And what does `col` exactly mean? Max. string length? If so, you forgot the space for the null terminator. – Filipe Gonçalves Oct 25 '13 at 10:48
  • I suggest taking up `valgrind` and spending some time with it – abasu Oct 25 '13 at 11:22

3 Answers

3

This means that you have requested less memory than you needed. The most likely culprit is this line:

    maze[i] = (char *) malloc(col*sizeof(char));

Since you are passing maze[i] to scanf as the %s target, you need to allocate an extra char for the null terminator.

It is a very good idea to limit the input to what you have allocated. Consider using fgets instead of scanf:

    for(i=0;i<row;i++)
        fgets(maze[i], col+1, stdin);

P.S. In C you do not need to cast malloc. You also do not need to multiply by sizeof(char), because the standard requires it to be 1.

    maze[i] = malloc(col+1);
Sergey Kalinichenko
  • @cat You are welcome! If the issue is now solved, consider accepting an answer by clicking the grey check mark next to it. This would let other visitors of the site know that you are no longer actively looking for an improved solution, and earn you a new badge on Stack Overflow. – Sergey Kalinichenko Oct 25 '13 at 11:12
1
    maze[i] = (char *) malloc(col*sizeof(char));

You don't allocate space for the string terminator. Change to:

    maze[i] = malloc(col + 1); 

Note that sizeof(char) is 1 by definition and that you don't need to typecast the return value from malloc.

There are 2 places where the buffers can get overrun:

    scanf("%s",maze[i]); 

change to:

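    char fmt[16]; snprintf(fmt, sizeof fmt, "%%%ds", col); /* scanf has no '*' width argument; put the width in the format */
    scanf(fmt, maze[i]);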

The last place is:

    CallSomeFunctionHere(maze);

(I don't have the source code for this one.)

Klas Lindbäck
0

You forgot to allocate space for the trailing null in strings:

    maze[i] = malloc((col+1)*sizeof(char));
Barmar
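
A bounded version of the read loop discussed in the answers above, as an added example that is not code from the question or from any answer: each row gets `col + 1` bytes, the `scanf` width is written into the format string, and a row longer or shorter than `col` is rejected instead of being written past the allocation. `MAX_DIM`, `read_maze`, `free_maze` and `maze_parses` are names assumed here, and the sample input is constructed and fed through `tmpfile()`.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_DIM 1024  /* assumed sanity cap on rows/cols; not from the original post */

static void free_maze(char **maze, int rows) {
    for (int i = 0; maze && i < rows; i++) free(maze[i]);  /* free(NULL) is a no-op */
    free(maze);
}

/* Read `rows` tokens of exactly `cols` chars each; NULL on any violation. */
static char **read_maze(FILE *in, int rows, int cols) {
    char fmt[16];
    if (rows <= 0 || cols <= 0 || rows > MAX_DIM || cols > MAX_DIM) return NULL;
    snprintf(fmt, sizeof fmt, "%%%ds", cols);  /* scanf width must be digits in the format */
    char **maze = calloc((size_t)rows, sizeof *maze);
    if (!maze) return NULL;
    for (int i = 0; i < rows; i++) {
        maze[i] = malloc((size_t)cols + 1);    /* +1 for the '\0' terminator */
        int ok = maze[i] && fscanf(in, fmt, maze[i]) == 1 && strlen(maze[i]) == (size_t)cols;
        int next = ok ? fgetc(in) : EOF;
        /* a non-space char right after the field means the row was too long */
        if (!ok || (next != EOF && !isspace(next))) {
            free_maze(maze, rows);
            return NULL;
        }
    }
    return maze;
}

/* Feed constructed text through a temp file; 1 if it parses as rows x cols. */
static int maze_parses(const char *text, int rows, int cols) {
    FILE *in = tmpfile();
    if (!in) return -1;
    fputs(text, in);
    rewind(in);
    char **maze = read_maze(in, rows, cols);
    int ok = maze != NULL;
    free_maze(maze, rows);
    fclose(in);
    return ok;
}

int main(void) {
    printf("%d %d\n", maze_parses("#.#\n...\n", 2, 3), maze_parses("#.#.\n...\n", 2, 3)); /* 1 0 */
    return 0;
}
```

Any function that later edits the maze has to respect the same `col + 1` row size, since the allocator only reports the overwrite when the block is freed.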