-5

Following is code snippet :

char *b = NULL;

b = new char[5];

if(b != NULL) {

    printf("b=%p\n",b);

    sprintf(b, "helloPLS...123456789123456789");

    printf("b = %s\n", b);
}

output : b = helloPLS...123456789123456789

If only 5 bytes were allocated then why all "helloPLS...123456789123456789" string is added into 5 byte memory?

My program works perfectly fine.

Logicbomb
  • 531
  • 1
  • 6
  • 20

1 Answers1

4

You are writing past the end of memory you allocated. The C standard clearly says the behavior in this case is undefined.

And undefined behavior doesn't mean "always crash". It means it may appear to work. It means the implementation of your C run time environment is within its right to do anything it desires, and that will still be standard compliant.

Undefined behavior is something you should carefully watch out for, precisely because your program may "work perfectly fine" until it just won't.

StoryTeller - Unslander Monica
  • 165,132
  • 21
  • 377
  • 458
  • how to know that what is size allocated to "b" variable in above code? Since sizeof(b) will be always 4byte – Logicbomb Jan 18 '17 at 11:27
  • 1
    @Logicbomb - Buffer sizes need to be passed around in C. There is no way around it. Special care must be taken. – StoryTeller - Unslander Monica Jan 18 '17 at 11:29
  • 1
    @Logicbomb record it or add a terminator, there is no other way. That said C++ is tagged in your q, if you're actually using C++ you probably shouldn't be using `malloc()` – George Jan 18 '17 at 11:29
  • 1
    ... or even `char*`. Use `std::string` and forget about having to handle memory yourself. – Allison Lock Jan 18 '17 at 11:31
  • yes we are using c++ but this happens same with new operator also. – Logicbomb Jan 18 '17 at 11:33
  • @Logicbomb - (1) Don't conflate C and C++. Different languages. (2) Don't use C idioms in C++. There are resource managing objects in the standard library for a reason. (3) Don't seek to justify undefined behavior. Just avoid writing code that has it. – StoryTeller - Unslander Monica Jan 18 '17 at 11:34
  • Don't use `new` in C++. Use `std::vector`, `std::string`, `make_unique`, or `make_shared`. (There are other options, but that is most of them) – Martin Bonner supports Monica Jan 18 '17 at 11:35
  • @Logicbomb As pointed out there's loads of `class`'s in the standard library that wrap pointers. There's literally no point in writing a worse version of what is already there. – George Jan 18 '17 at 11:37
  • So my intention is how to restrict memory access more than allocated range. It is NOT possible to pass allocated value everywhere throughout the code. – Logicbomb Jan 18 '17 at 11:41
  • @Logicbomb - You can't. Neither C nor C++ protect you from it. That's why it was repeatedly suggested you actually use C++ to the fullest by employing `std::string`, that class has logic in place that *does* protect you to a greater extent. – StoryTeller - Unslander Monica Jan 18 '17 at 11:42
  • this is NOT about using std::string or not, this about new opearator – Logicbomb Jan 18 '17 at 11:48
  • @Logicbomb - We all understood that, thank you very much. The answer however is to NOT manage memory yourself, and to USE classes which protect you. – StoryTeller - Unslander Monica Jan 18 '17 at 11:50