Is it a case of memory overflow or overwrite in C?

Question

This is my code. I am playing around with a small piece of code I wrote.

Even though the character array of pointers is of 2 elements, I am able to write in a memory location using the pointer address of that character array indirectly even when it is just having 2 elements.

I am probably thinking it in a wrong way or because I over-exerted for today.

I hope someone can shed some light on it.

#include <stdio.h>

int main(void)
{
    char a[] ="GKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3u";
    char b[] ="GKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3uGKdkOSwdDMjQKT6fgZ3u";
    char *line_store[2];
    *(line_store) = a;
    *(line_store + 2) = b;
    printf("%s\n\n", *(line_store));
    printf("%s\n\n", *(line_store+1));
    printf("%s\n\n", *(line_store+2));
    return 0;
}

@kaylum I truly tried not to create any duplicate thread and I positively believe, it isn't exactly a duplicate case rather a slightly nuanced version, maybe? — Avineshwar, Jun 07 '16 at 01:45
Why? You read/write an array element that is out of bounds. How is that different or naunced? The bottom line is that it is Undefined Behaviour. Your expectation that it will fail in a certain way are incorrect. You cannot have any such expectation when UB is in play. — kaylum, Jun 07 '16 at 01:47
Descriptive is a better word. That post is having a minimum example of the situation and I believe I did a better job explanation my issue through my code & bottom line is not restricted to undefined behaviour here. — Avineshwar, Jun 07 '16 at 01:54
Huh? Not sure what you mean. The key issue is out of bounds access. Are you asking for a definition of Undefined Behaviour? Please clarify exactly what you want to know. — kaylum, Jun 07 '16 at 01:55
`line_store` can contain 2 elements. Writing `*(line_store + 2)` is undefined behaviour. Once a single line of your code supports UB, your whole program becomes U (undefined). — babon, Jun 07 '16 at 05:26

score 4 · Accepted Answer · answered Jun 07 '16 at 01:42

4

Your code works because C doesn't do any boundary checking on your array. You're writing beyond the last element you allocated, which causes it to write into unallocated space in memory. This is probably working by accident, and subsequent runs could theoretically crash, or overwrite other valid memory segments, depending where and how this is done in a larger program.

answered Jun 07 '16 at 01:42

CDahn

1,795
12
23

Oh yes, bounds checking! I will hopefully make this code fail without using compiler's help or maybe that is not a good option and rather I should rely on compiler flag(s) ?. – Avineshwar Jun 07 '16 at 01:48
Are you trying to make the program crash? – CDahn Jun 07 '16 at 01:50
I mean I should crash it, right? Because this is something which doesn't looks good, ain't so? At least the compilation (maybe because of some compiler flag) should fail. – Avineshwar Jun 07 '16 at 01:55
1

@Avineshwar No. "It should crash" is an incorrect expectation as I have already explained to you. It is Undefined Behaviour. Even though it may crash in some programs, with some compiler on some days it is not *defined* to crash and the compiler/OS is under no obligation to ensure it crashes. – kaylum Jun 07 '16 at 01:57
@kaylum I think I managed to get my answer through discussion here and the reference to that suggested post. – Avineshwar Jun 07 '16 at 02:00
"Your code works because C doesn't do any boundary checking on your array" is not supported by the C spec. A C compiler may do bounds checking and be a compliant compiler. The behavior of accessing out of bounds arrays is _not_ defined. May sound like a word quibble but the opening sentence sounds like a complier must not do bounds checking to be compliant. – chux - Reinstate Monica Jun 07 '16 at 03:13

Is it a case of memory overflow or overwrite in C?

1 Answers1