-5

I'm trying to follow some steps in a book. This is the exact code that's in the book but I'm getting an error message.

Both of the printf statements are the problem: 

printf(pointer);
printf(pointer2);

How do I fix this to actually print what's inside the pointer?

#include <stdio.h>
#include <string.h>

int main(void)
{
  char str_a[20]; //A 20-element array 
  char *pointer;  //A pointer, meant for a character array
  char *pointer2;  //And yet another one

  strcpy(str_a, "Hello World\n");
  pointer = str_a; //Set the first pointer to the start of the array
  printf(pointer);

  pointer2 = pointer + 2; //Set the second one 2 bytes further in.
  printf(pointer2);
  strcpy(pointer2, "y you guys\n"); //Copy into that spot.
  printf(pointer);
  return 0;
}
Jonathan Leffler
  • 730,956
  • 141
  • 904
  • 1,278
Mekanic
  • 137
  • 2
  • 10
  • 2
    printf("%s", str_a)? But be adviced, that printf is a security risk if used this way. Make shure str_a is always \0 terminated. – EGOrecords Oct 13 '15 at 07:22
  • 1
    use `printf("%s", pointer_variable);` or `fputs(pointer_variable, stdout);` – BLUEPIXY Oct 13 '15 at 07:25
  • Thank you guys both, those answers were fast and accurate. @BLUEPIXY, I used your method and it worked. – Mekanic Oct 13 '15 at 07:31
  • 1
    @Johannes Walcher because you said it was a security risk I did'nt use your method but I will do some resarch about the security risk right now. Thanks also. – Mekanic Oct 13 '15 at 07:33
  • see my answer, I gave you a starting point on why it is a security risk. – EGOrecords Oct 13 '15 at 09:27

2 Answers2

1

Try

printf("%s", str_a);

Now, if you want to print the address of the variable itself, you can try:

int a = 5;
printf("%p\n",(void*)&a);
Jonathan Leffler
  • 730,956
  • 141
  • 904
  • 1,278
Magisch
  • 7,312
  • 9
  • 36
  • 52
1

Use 

printf("%s", str_a);

It will print your str_a. But keep in mind that every char*-string in C has to be terminated by a \0-character. If it is not terminated, then everything that is in the ram after the string is also printed and accessed.

In the best case this results in a SIGSEGV, and your programm terminates. In the worst case somebody can use this to print for example plaintext password data stored in the RAM right beside the string you tried to print.

Read about "buffer overflow" and "stack overflow".

If you define the string by

const char* str = "Hello World";

then C will automatically add the \0 character for you, and the actual length of the string is 12 Bytes (for 11 Characters).

But if you go by strcpy or by reading it from stdin or from any untrusted source (like network) then you have a security leak.

But just for testing printf("%s", str_a) is just fine.

Other parameters for printf would be: 

d or i  Signed decimal integer  392
u   Unsigned decimal integer    7235
o   Unsigned octal  610
x   Unsigned hexadecimal integer    7fa
X   Unsigned hexadecimal integer (uppercase)    7FA
f   Decimal floating point, lowercase   392.65
F   Decimal floating point, uppercase   392.65
e   Scientific notation (mantissa/exponent), lowercase  3.9265e+2
E   Scientific notation (mantissa/exponent), uppercase  3.9265E+2
g   Use the shortest representation: %e or %f   392.65
G   Use the shortest representation: %E or %F   392.65
a   Hexadecimal floating point, lowercase   -0xc.90fep-2
A   Hexadecimal floating point, uppercase   -0XC.90FEP-2
c   Character   a
s   String of characters    sample
p   Pointer address b8000000
n   Nothing printed.

(source http://www.cplusplus.com/reference/cstdio/printf/)

You use these parameters like: 

printf("%i: %f and i am a  Character: [%a]", 10, 4.4, (char)a);
EGOrecords
  • 1,959
  • 2
  • 19
  • 33
  • Wow, this is some interesting stuff. I read a little about buffer overflows and saw that its a really good thing to know especially as a C programmer. Thanks for taking your time out to pass on all that information I really appreciate it man. Thanks again. – Mekanic Oct 14 '15 at 09:21
  • then it would be great if you accept this answer as the one that resolved the question! – EGOrecords Oct 14 '15 at 14:40