When do segfaults occur?

Question

I have the following code:

char* str = "01248";
printf("%x \n", str[str[1] + str[3]]);

As str[1]+str[3] = 101, the code looks for str [101].

Will this code get (always) a segmentation fault error? Or there's a change that we have something at this address and we'll print something?

possible duplicate of [Why do I get a segmentation fault when writing to a string?](http://stackoverflow.com/questions/164194/why-do-i-get-a-segmentation-fault-when-writing-to-a-string) — Michael Foukarakis, Jun 23 '14 at 07:18
I don't get the -1s. Care to explain them? It is a question which shows lack of knowledge, bit that's what a question is supposed to do. It is not a bad question per se... — glglgl, Jun 23 '14 at 07:30

unwind · Answer 1 · 2014-06-23T07:41:10.073

This will always invoke undefined behavior.

You're indexing out of bounds, you can't do that without getting undefined behavior.

Exactly what happens is, wait for it, undefined. It can cause a segfault, there might be no problem at all and some value might get printed, you just can't know.

If even nothing "bad" happens and some value is printed, the program is still faulty and broken.

Also, of course there's no difference between this and just

printf("%x\n", str[101]);  /* BAD CODE! */

The fact that you compute the invalid array index by adding two valid dereferences doesn't matter, that's just an extra layer of confusion. Also, you can't "know" that 1 + 4 is any particular numerical value, that's up to the target machine's character encoding. In ASCII, it will be 49 + 52, i.e. 101. You can't even know that '1' + '4' is positive.

If you can't know whether 1 + 4 is positive, you might be a C programmer :-) — Kerrek SB, Jun 23 '14 at 07:30
@KerrekSB Oops, I had lost the single quotes, that made it a bit more confusing than I meant. Thanks. — unwind, Jun 23 '14 at 07:41

glglgl · Answer 2 · 2014-06-23T07:28:49.823

Will this code get (always) a segmentation fault error?

No.

The string literal lies in a special rodata section with all other string literals and maybe other readonly data (though I don't know what these could be).

Here it depends how the data is arranged in that segment. If this string is followed by others with a length of at least 100 bytes, it will probably succeed and you'll access another string. But if it is the last one in that segment, you'll hit an address outside of anything allocated and get a segfault.

Nevertheless, it is undefined behaviour and you should not rely on it. In doubt cases, it may or may not succeed depending on the ordering and length of other strings.

score 0 · Answer 3 · answered Jun 23 '14 at 07:17

0

This happens because you're adding two chars.

str[1] = '1' = 49

str[3] = '4' = 52

so str[1] + str[3] is 101.

What you're looking for is to convert your char into int:

char* str = "01248";
int index1 = str[1] - 48;
int index2 = str[3] - 48;
printf("%x \n", str[index1 + index2]);

answered Jun 23 '14 at 07:17

Lord Zsolt

6,492
9
46
76

2

I'm not sure they look for this. They are aware that the result is 101, and the question was if that always leads to a segfault. – glglgl Jun 23 '14 at 07:18

score 0 · Answer 4 · answered Jun 23 '14 at 07:22

0

There is a change that it print something. IF the OS reserve memory for the array it will print something but if the accessed index is beyond the reserved memory it will be segmentation fault

answered Jun 23 '14 at 07:22

user3309301

301
1
4

When do segfaults occur?

4 Answers4