
The question is regarding `strcpy` using a char pointer, which gives me a segmentation fault. With the simple code below, the segmentation fault does not occur until the number of characters in the string has reached 4, i.e. "ZZZZ". Why?

CASE 1:

#include<stdio.h>
#include<string.h>

int main()
{
    char *name;            /* never initialized: points to no valid buffer */
    strcpy(name,"Z");      /* writes through the uninitialized pointer */
    printf("%s\n",name);
    return 0;
}

output of this code is:

Z

CASE 2: When I use 2 characters in strcpy:

strcpy(name,"ZZ"); the output of this code is:

ZZ

CASE 3: When I use 3 characters in strcpy:

strcpy(name,"ZZZ"); the output of this code is:

ZZZ

CASE 4: When I use 4 characters in strcpy:

strcpy(name,"ZZZZ"); the output of this code is:

ZZZZ Segmentation fault (core dumped)

Similar results are obtained not only with strcpy but also with the gets/puts pair. There should be something related to the string length. I understand that the pointer has to be initialized properly. Here I just wanted to understand the reason for such a result, because of its consistency. Why after 4 characters?

  • `name` is uninitialized. Reading from an uninitialized variable has undefined behavior. – melpomene Jun 17 '16 at 13:12
  • `strcpy` doesn't allocate memory, nor could it make `name` point to the memory even if it did. You have to change `name` to an array that can hold `"aaaa"` (which is 5 characters, not 4). – KABoissonneault Jun 17 '16 at 13:12
  • Unrelated, but you should fix the indentation of your code. – Jabberwocky Jun 17 '16 at 13:14
  • What is the difference between the two? Not that it matters of course, but I just fail to see it. – unwind Jun 17 '16 at 13:15
  • if you want to use a pointer, `name = strdup("aaaa");` then `free(name);` at the end of the program. – Weather Vane Jun 17 '16 at 13:16
  • @unwind the difference was the length of the literal. – Weather Vane Jun 17 '16 at 13:17
  • The difference was luck – Christopher Schneider Jun 17 '16 at 13:20
  • @melpomene Reading? I'd think the main problem comes first, when it's used as the destination in `strcpy()`. The printing is UB too, but it's hardly the only (or worst) problem here, imo. – unwind Jun 17 '16 at 13:21
  • @unwind `f(x)` reads from `x`. Both `strcpy(name, ...)` and `printf(..., name)` read from `name`. – melpomene Jun 17 '16 at 13:36
  • I have edited my question for better understanding, please look into it again – Sudhish Vln Jun 17 '16 at 15:39
  • @P.P. Answers to the post at "Segmentation fault around strcpy" do not seem very relevant to my question. Please do not consider this question as duplicate – Sudhish Vln Jun 17 '16 at 16:06
  • @SudhishVln It's certainly relevant. Also, see the couple of links under that question. There's no difference between the 2 programs you posted as both programs invoke *undefined behaviour* in the *same* way. So you should probably try to read and understand *undefined behaviour* which is your *actual* problem. – P.P Jun 17 '16 at 16:48
  • @melpomene If the segmentation fault was due to the uninitialized char pointer in the case of strcpy(name,"ZZZZ"), then what about the cases where I copied 1/2/3 characters to the name pointer and there was no segmentation fault? – Sudhish Vln Jun 17 '16 at 17:44
  • @SudhishVln Undefined behavior means literally anything can happen. To understand exactly what is going on in your case, you should look at the assembler code your compiler generates, as well as details of your platform's memory layout, how your stdio is implemented, possibly malloc details, etc. – melpomene Jun 17 '16 at 18:15

1 Answer


strcpy copies into an existing buffer, and you do not provide one. strdup, on the other hand, allocates that buffer for you.

Maxim Egorushkin
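To make the answer concrete, here is an added example (not code from the question or the answer) showing the two correct ways to give `strcpy`-style code a destination: a caller-provided buffer whose size is checked before the copy, and a heap buffer allocated to fit the string (the equivalent of `strdup`, written with `malloc` so it is portable). The helper names `copy_into_buffer` and `copy_to_heap` are hypothetical; the point is that every byte written lands in memory the program actually owns, so the "works for 3 characters, crashes for 4" lottery of the original code cannot occur.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Copy src into a caller-provided buffer of dst_size bytes.
   Returns 0 on success, -1 if src (plus its NUL) would not fit.
   Hypothetical helper, not part of the original post. */
int copy_into_buffer(char *dst, size_t dst_size, const char *src)
{
    size_t len = strlen(src);
    if (dst == NULL || dst_size == 0 || len + 1 > dst_size) {
        return -1;               /* refuse rather than overflow */
    }
    memcpy(dst, src, len + 1);   /* copies the terminating NUL too */
    return 0;
}

/* Allocate a buffer sized exactly for src and copy into it.
   Behaves like strdup; the caller must free() the result.
   Returns NULL if allocation fails. */
char *copy_to_heap(const char *src)
{
    size_t len = strlen(src);
    char *p = malloc(len + 1);
    if (p == NULL) {
        return NULL;
    }
    memcpy(p, src, len + 1);
    return p;
}

int main(void)
{
    char name[5];   /* room for "ZZZZ" plus its NUL terminator */

    /* Fits: 4 characters + NUL = 5 bytes. */
    if (copy_into_buffer(name, sizeof name, "ZZZZ") == 0) {
        printf("%s\n", name);
    }
    /* Does not fit: 5 characters + NUL = 6 bytes, so the copy is refused. */
    if (copy_into_buffer(name, sizeof name, "ZZZZZ") != 0) {
        printf("rejected: string does not fit in %zu bytes\n", sizeof name);
    }

    /* Heap version: the buffer is created for the string, whatever its length. */
    char *heap_name = copy_to_heap("ZZZZ");
    if (heap_name != NULL) {
        printf("%s\n", heap_name);
        free(heap_name);
    }
    return 0;
}
```

The stack array is the right choice when the maximum length is known at compile time; the heap copy is the right choice when it is not. In both cases the destination size is known to the code doing the copy, which is exactly what the original `char *name;` lacked.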