4

So I keep running into this error: `free(): invalid next size (fast)` when I run my code. If I remove the free at the end of the function I know I am leaking memory, but I don't understand why I am getting this error.

I assume it has something to do with me allocating memory incorrectly but I can't seem to find the fix, here is my code:

```c
bool parse(const char* line) //NOT WORKING JUST QUITE
{
    char* copy = malloc(sizeof(line)); //allocate space for a copy of the line parameter
    strcpy(copy, line); //copy the line parameter

    char* method = strtok(copy, " "); //pointer to the method
    char* reqLine = strtok(NULL, " "); //pointer to the requestline
    char* version = strtok(NULL, "\r\n"); //pointer to the HTTP-Version

    if (strcmp(method,"GET") != 0) //if the method is not GET
    {
        printf("%s\n", method);
        printf("ERROR 405\n");
        return false;
    }
    if (strncmp(reqLine, "/", 1) != 0)//if the request line does not begin with a / character
    {
        printf("%c\n", reqLine[0]);
        printf("%s\n", reqLine);
        printf("ERROR 501\n");
        return false;
    }
    if (strchr(reqLine, 34) != NULL) //if the request line contains a " character
    {
        printf("%s\n", reqLine);
        printf("ERROR 400\n");
        return false;
    }
    if (strcmp(version, "HTTP/1.1") != 0)
    {
        printf("%s", version);
        printf("ERROR 505\n");
        return false;
    }

    //free(copy);
    return true;
}
```

If it helps the passed in const char* line is of the form:

method SP request-target SP HTTP-version CRLF

Where SP is a space and CRLF is carriage return, line feed.

Reaz Murshed
SillyRab
  • 1
    You allocate memory somewhere. Then you write out of bounds of that memory. That is the only reason for an error such as this. – Some programmer dude Aug 24 '16 at 03:03
  • I don't think this is the case @JoachimPileborg, I posted an answer. I think his `malloc()` is not as it should be! – gsamaras Aug 24 '16 at 03:04
  • Also when you have a pointer then `sizeof` on that pointer will give you the size *of the pointer*, and not what it points to. On a 32-bit system it will most likely be `4` and on a 64-bit system it will most likely be `8`. – Some programmer dude Aug 24 '16 at 03:04
  • 2
    @gsamaras That's exactly the reason. The allocation is too small and the OP writes out of bounds of that allocation. – Some programmer dude Aug 24 '16 at 03:05
  • I thought this is why there is `strdup`? –  Aug 24 '16 at 03:06
  • Agreed JoachimPileborg, but damn my Internet is sooo slow that I didn't see @BLUEPIXY's comment, who seems to have spotted that some seconds before me, so if he wishes I can delete my answer, so that he can post one, if desired. `strdup()` is *not* standard [tag:c] Evert, better not to propose it to a beginner. – gsamaras Aug 24 '16 at 03:06
  • Possible duplicate of [Error: free(): invalid next size (fast):](https://stackoverflow.com/questions/4729395/error-free-invalid-next-size-fast) – Raedwald Nov 22 '18 at 09:09

2 Answers

5

Change this:

```c
char* copy = malloc(sizeof(line));
```

to this:

```c
char* copy = malloc(strlen(line) + 1);
```

The first allocates space for the size of line, which is a POINTER!

While the second allocates space equal to the length of the string that line points to, plus one, for the NULL terminator (please don't forget that and you will live a happier life)! ;)


BTW, I believe that it's more common to write the comments of your code above the line of code (rather than next to it). :)

gsamaras
  • 1
    Thank you very much for your answer, it helped me out tons! – SillyRab Aug 25 '16 at 01:32
  • You are welcome! You see @SillyRab, you posted a good question, especially one that one could actually answer, since it had all the required info, bravo! That's why others and I upvoted. Glad I helped! – gsamaras Aug 25 '16 at 02:20
2

On the line:

```c
char* copy = malloc(sizeof(line)); //allocate space for a copy of the line parameter
```

You are allocating memory to hold the size of a pointer. You need to allocate the length of the string instead. See the following:

```c
#include <stdio.h>
#include <string.h>

int main(int argc, const char* argv[]) {
  const char *line = "this is a line";
  printf("sizeof line: %zu\n", sizeof(line));
  printf("strlen line: %zu\n", strlen(line));
  return 0;
}
```

output:

```
sizeof line: 8
strlen line: 14
```

You should allocate on strlen+1 (to account for the null character).

  • 2
    `sizeof` and `strlen` return `size_t` which should be printed with [`%zu`](http://stackoverflow.com/q/940087/995714). Printing with the wrong format specifier invokes undefined behavior. What if `size_t` is different from `long` on that platform? – phuclv Aug 24 '16 at 03:34
  • Thank you for your answer, it was very informative! – SillyRab Aug 25 '16 at 01:32
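
A corrected version of the question's function, as an added example that is not code from the original post or its answers: it sizes the copy with `strlen(line) + 1` as both answers recommend, and goes one step further by checking the `strtok` results and freeing the copy on every return path. The name `check_request_line`, the integer return codes and the sample request line are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not from the original post): returns 200 if the
 * request line is acceptable, otherwise the error code the question's
 * parse() would print, or 500 if the allocation fails. */
int check_request_line(const char *line)
{
    /* strlen() counts the characters; +1 leaves room for the terminating '\0'.
     * sizeof(line) would only be the size of the pointer (typically 4 or 8),
     * so a longer line would be written past the end of the heap block. */
    size_t len = strlen(line) + 1;
    char *copy = malloc(len);
    if (copy == NULL)
        return 500;
    memcpy(copy, line, len);

    /* strtok() returns NULL when a field is missing, so test before use. */
    char *method  = strtok(copy, " ");
    char *target  = strtok(NULL, " ");
    char *version = strtok(NULL, "\r\n");

    int status = 200;
    if (method == NULL || target == NULL || version == NULL)
        status = 400;
    else if (strcmp(method, "GET") != 0)
        status = 405;
    else if (target[0] != '/')
        status = 501;
    else if (strchr(target, '"') != NULL)
        status = 400;
    else if (strcmp(version, "HTTP/1.1") != 0)
        status = 505;

    /* Single exit: the copy is released on success and on every error. */
    free(copy);
    return status;
}

int main(void)
{
    /* Constructed sample input, longer than sizeof(char *) on any platform. */
    const char *line = "GET /index.html HTTP/1.1\r\n";
    printf("%d\n", check_request_line(line));
    return 0;
}
```

Building this with `-fsanitize=address` and swapping `len` back to `sizeof(line)` makes the out-of-bounds write show up at the copy itself instead of later inside `free()`.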