1

Here's the code:

char* a[] = {"ls", "-l", "|", "grep", "test"};
  int pipe_idx = 2;

  char** ptr2 = a + (pipe_idx * sizeof(char**));
  printf("%s\n", *ptr2);

Basically, this is just a demo code. The program gets the pipe_index (in this case it's 2) and jumps to the right place, and then print it.

Why do I get segmentation fault?

LiorGolan
  • 355
  • 1
  • 4
  • 11

2 Answers2

3

ptr2 is pointing to memory that doesnt belong to you. Right now, it is pointing to a + 8, because sizeof(char**) is sizeof pointer, not the char itself. So the size exceeds your array size. It's UB, and thats why you are getting segfault.

If you are trying to traverse the array using char pointer, you do not need to the multiplication arithmetic as you are doing, you just need to add the pipe_idx to the pointer and it will do the desired arithmetic for you. You need,

char** ptr2 = a + pipe_idx
SandBag_1996
  • 1,570
  • 3
  • 20
  • 50
  • I dont understand the DV. Did i miss something? – SandBag_1996 May 06 '16 at 19:48
  • (Not my DV): Only if you're working with 32-bit code; it would be `a + 16` if you're working 64-bit. Still a long way out of bounds. The multiplication simply isn't necessary. The correct result is achieved with `char **ptr2 = a + pipe_idx;` — and maybe you should say so in your answer. – Jonathan Leffler May 06 '16 at 19:50
  • I understand, I was giving an example as to what could be happening on his system. Yes, it could be a+16 for 64bit, but I thought the question was as to why is OP getting a segfault and I explained that – SandBag_1996 May 06 '16 at 19:51
  • I agree multiplication is not necessary, but I cant advocate what you are suggesting because i dont know what OP really wants to print. Does he want to print the second entry in that array? or does he want a general way of printing what he wants? Either way, he can choose the right method now that he knows his calculation was off – SandBag_1996 May 06 '16 at 19:52
  • 1
    If you can't advocate the correct answer, maybe you should have been posting comments to request clarification? I'd go with `a[2]` points at `"|"` so the chances are high that `char **ptr2 = a + pipe_idx;` will give the desired result — and maybe add a comment (qualifier — weasel words) "unless the code was trying to do something else, but the question does not make that clear". – Jonathan Leffler May 06 '16 at 19:55
  • @SandBag_1996, but I need to "jump" in the `char**` array, don't I? so why isn't it `sizeof(char**) * jump_size`? – LiorGolan May 06 '16 at 19:56
  • The question was, "why am i getting segfault", and I answered that – SandBag_1996 May 06 '16 at 19:56
  • Indeed, but I'd be glad if you could elaborate about it. – LiorGolan May 06 '16 at 19:57
  • @LiorGolan, I try to explain it. See the edit. sizeof(char**) is sizeof pointer, which could be 4 or 8, depending on, if its 32bit or 64 bit, which is not what you want – SandBag_1996 May 06 '16 at 20:00
2

You should do:

char** ptr2 = &a[pipe_idx];

to point at the index (char *) and get the address (char **).

Or even:

char** ptr2 = a + pipe_idx;

+ on pointer is magic. You're effectively exceeding your bounds by multiplying.

Community
  • 1
  • 1
totoro
  • 2,469
  • 2
  • 19
  • 23