Why does a 'segmentation fault' occur in this code?

Question

void loop(char * a){
  for(int i=0;i<10;i++){
    printf("%s\n", a);
  }
}

int main(){
  char str[] = "";

  printf("input:");
  scanf("%[^\n]s", str);

  loop(str);

  return 0;
}

There's nothing wrong when I input short string, but the problem is that when I input longer string.

For example,

input:abcdefghijkl

abcdefghijkl

input:

abcdefghijklm

exited, segmentation fault

Why does this error occur? Is this related to buffer overflow?

@Damien It is size 1 (containing only terminating null-character) — MikeCAT, Feb 25 '21 at 13:49
Also worth to mention which are the root causes of segmentation fault. It can help understanding which memory region triggers the fault. https://stackoverflow.com/questions/2346806/what-is-a-segmentation-fault — Marco Frau, Feb 25 '21 at 14:01
@MarcoFrau Thanks for the advice! I'll take care of that part next time. — L-IKEA, Feb 25 '21 at 14:14

score 2 · Answer 1 · answered Feb 25 '21 at 13:48

2

You invoked undefined behavior by writing to out-of-range to the 1-element array str, allowing anything to happen.

Allocate enough buffer and limit the maximum length to read to avoid buffer overflow.

int main(){
  char str[102400] = ""; /* allocate enough size */

  printf("input:");
  scanf("%102399[^\n]s", str); /* limit the length to read (the size of buffer minus one for terminating null-charater) */

  return 0;
}

answered Feb 25 '21 at 13:48

MikeCAT

73,922
11
45
70

Telling rookies to allocate 102400 bytes on the stack isn't great advise, however... You might want to edit that to a lower size. – Lundin Feb 25 '21 at 13:58

score 2 · Answer 2 · answered Feb 25 '21 at 13:50

2

The way you define str:

char str[] = "";

It is exactly big enough to contain a zero-length string, i.e. it's an array of length 1. So any larger string that you try to write to it will overrun the buffer, triggering undefined behavior.

You should give your buffer a size that will be large enough to accept the size of string you'll expect.

char str[100];

And update the scanf call to limit the number of characters:

scanf("%99[^\n]s", str);

answered Feb 25 '21 at 13:50

dbush

205,898
23
218
273

Ok I got it, but what if I'm not sure how large the input would be? – L-IKEA Feb 25 '21 at 13:57
@L-IKEA [c - How can I read an input string of unknown length? - Stack Overflow](https://stackoverflow.com/questions/16870485/how-can-i-read-an-input-string-of-unknown-length) – MikeCAT Feb 25 '21 at 13:59
@MikeCAT Thanks a lot! I wonder if the rookie (like me) could come up with such complicated way. – L-IKEA Feb 25 '21 at 14:04

Why does a 'segmentation fault' occur in this code?

2 Answers2