2

I was wondering about the following piece of code, its very simple but yet:

char* foo()
{
    int i;
    char buff[100];
    snprintf(buff,100,"This is now written in the stack allocated memory!");

    return buff;   
}

Now, buff was allocated in the function's stack, meaning every variable is being freed, and what we have is a memory leak. But what exactly happens in the already written location?

The lines are still written in the memory, isn't it so?

  • Can i read that certain segment of memory? i do have the pointer pointing to the beginning of the segment, and if so will it be something like: 

    char* bar = foo();
char foobar = bar[0];

  • Can i write to that certain location? similar example:

    char* bar = foo();
bar[1] = 'i';
  • And in general, why is it considered to be a memory leak? can't we realloc this location again?

will appreciate clarifications regarding this issue!

trincot
  • 317,000
  • 35
  • 244
  • 286
Itzik984
  • 15,968
  • 28
  • 69
  • 107
  • a memory leak is when you allocate memory without freeing it again, which will cause you to run out of memory eventually. – user2950911 Dec 29 '13 at 19:36

4 Answers4

4

This isn't a memory leak. It is a dangling pointer. foo() returns a pointer to memory that is no longer allocated. It is undefined behavior to try to write or read from memory using this pointer.

A memory leak is when you have allocated memory that is no longer accessible. For example:

void foo()
{
   char *buff = malloc(10);
}

10 bytes have been allocated, but there is no way those 10 bytes can ever be freed.

In your case, you have the opposite problem. You have a pointer to memory that has been freed automatically by going out of scope. Once memory has been freed in this way, you are no longer allowed to try to access it in any way.

Vaughn Cato
  • 63,448
  • 5
  • 82
  • 132
  • But we still know the exact location where these lines are written right? this is the pointer returned... and the lines are still there. why cant we just read them? – Itzik984 Dec 29 '13 at 19:37
  • @Itzik984: The lines may or may not still be there. It is undefined. – Vaughn Cato Dec 29 '13 at 19:41
  • when you return from that function, your stack, where you allocated the array, collapses to the size it had before you called the function, so at that moment, the pointer points to somewhere outside your stack. – user2950911 Dec 29 '13 at 19:44
  • Your program can be interrupted. Any interrupt is likely to reuse the memory that was automatically freed. – ScottMcP-MVP Dec 29 '13 at 19:44
1

From virtual memory poit of view, you can read and write as you wish to the stack as long as you do in a controlled manner, which your compiler helps you with. However, when a function returns, you tell the compiler that the memory used for the left stack frame may be used for other data. Reading: you may get other data than you expect. Writing: you may overwrite other data.

On return, nothing needs to happen to the memory. It may stay in its current state until next function call. Try to examine the stack with your debugger . Then you will get an idea what happens. Also, take a look at the assembly code.

Also see: Can a local variable's memory be accessed outside its scope?

Community
  • 1
  • 1
user877329
  • 6,717
  • 8
  • 46
  • 88
0

In simple, this is not the case for memory leak. Problem is that you are returning pointer to local variable. You can't return a pointer to a automatic local variable. buff is an automatic local variable and it no longer exist after foo returns and hence pointer to it is invalid.
On compiling such code with -Wall and Wextra, the compiler should give you warning 

function returns address of local variable
haccks
  • 104,019
  • 25
  • 176
  • 264
0

The magic is called undefined behavior: you are returning a pointer to a local object. Looking at what this pointer is pointing to results in undefined behavior. Anything can happen. This page tries to emphasize why undefined behavior is bad.

Dietmar Kühl
  • 150,225
  • 13
  • 225
  • 380