c function for retrieving string from user input has memory issues

Question

I have the following code that I am using to get a string from the user via a terminal prompt:

#include <stdio.h>
#include <stdlib.h>

void GetString(int*, int*);

int main(void)
{
    unsigned int strLength = 32;
    char *stringPtr = malloc(strLength);
    printf("Enter some input: ");
    if (stringPtr != NULL)
    {
        int c = EOF;
        unsigned int i = 0;
        while ((c = getchar()) != '\n' && c != EOF)
        {
            stringPtr[i++] = (char) c;
            if (i == strLength)
            {
                strLength = i+strLength;
                if(stringPtr = realloc(stringPtr, strLength))
            }
        }
        stringPtr[i] = '\0';
        printf("\n\nString value: %s\n\n", stringPtr);
        free(stringPtr);
        stringPtr = NULL;
    }
}

It works well from a user perspective, however, I am rather novice and just now am truly starting to understand how pointers can work with one-another, however, I have yet to find a good working example online that can simplistically relay how to successfully handle an unknown amount of input without fear of buffer overflow, segmentation faults, etc.

The code that I listed above was built by me using pieces of several examples relating to dynamic memory allocation as well as some forums on string operations. Can anyone verify that this is a safe, efficient way to handle user input of unknown length? If not, could you provide information on why what I posted is incorrect and how it could be improved? I just want to ensure I am learning correctly, as I am teaching myself (for the most part) which can lead to very destructive misunderstandings when it comes to C, from what I have heard from friends/online articles.

*****I've modified the above code to a better state based on the help provided in the comments and answers below. I am open to further improvement on this and hope that this example can help others who are trying to better understand how to handle user input in a safe and efficient manner.******

#include <stdio.h>
#include <stdlib.h>

void GetString(int*, int*);

int main(void)
{
    unsigned int strLength = 32;
    char *stringPtr = malloc(strLength);
    if (stringPtr == NULL)
    {
        fprintf(stderr, "Unable to allocate memory to hold char array. Exiting!\n");
        return 1;
    }
    printf("Enter some input: ");
    int c = EOF;
    unsigned int i = 0;
    while ((c = getchar()) != '\n' && c != EOF)
    {
        stringPtr[i++] = (char) c;
        if (i == strLength)
        {
            strLength += strLength;
            if ((stringPtr = realloc(stringPtr, strLength)) == NULL)
            {
                fprintf(stderr, "Unable to expand memory to hold char array. Exiting!\n");
                return 2;
            }
        }
    }
    stringPtr[i] = '\0';
    if (sizeof(stringPtr) < strLength)
    {
        stringPtr = realloc(stringPtr, strLength);
    }
    printf("\n\nString value: %s\n\n\n", stringPtr);
    free(stringPtr);
    stringPtr = NULL;
}

Answer 1

See this as a partial answer, I hope I can give some more hints later. Here are a few initial comments:

1. Check first that malloc() was successful. No need to prompt otherwise.
2. If malloc() fails, terminate immediately, you can use exit(1) or return(1) but it looks nicer if you also write an error message to stderr first, for example with fprintf(stderr, "malloc failed!"); This way you won't have to indent the main part of the main() function!
3. Allocating one byte at a time isn't very efficient. Usually, you'd increment with larger steps, for example 80 bytes at a time.
4. Your code may perhaps not handle backspace presses or UNICODE very well. But I guess that's to early to discuss.
5. realloc() may fail, but you never check it.

The code can be more efficient (shorter), but you have a good start!

Answer 2

This line is not efficient,

char *stringPtr = malloc(strLength);

you allocated memory for one char. Then you re-allocate more for it. I would suggest you allocate a buffer, for example, 1024 bytes, if the input is larger than 1024, then you allocate another 1024 bytes. This is similar to the way stl::vector to increase its memory. (you can choose allocate 512 bytes too).

The reason behind it is that each you ask for some memory from the system, it is expensive system call. So it is better ask for more than you need to save the calls to the system.

Answer 3

This answer focuses on the OP mentioning:

 I have yet to find a good working example online that can simplistically relay 
 how to successfully handle an unknown amount of input without fear of buffer
 overflow, segmentation faults, etc.

The wikipedia articles on Buffer Overflow and Segmentation fault do a great job of explaining them in detail.

The Stack Overflow answer on What is segmentation fault?, also provide a great explanation.

If you want a REALLY in depth look inside buffers, how to work with them and manipulate them through asm/c code, I highly recommend you read the article, "Smashing The Stack For Fun And Profit". This article is essentially the bible on the first security exploits using buffers. And it's really an outstanding piece of work.

Also, if you're still in university, I highly recommend you read the wikipedia on any concepts you learn in school. It's amazing how much more in depth the wikipedia articles go then the professors do (and I went to one of the top universities in the world). You'll find that reading the wikipedia articles will really help you prepare for the "curve balls" that the professor will throw at you during midterms and finals.

Please let me know if you have any questions!