I'm tryin to solve the problem "Length of Last Word" in leetcode. It showing runtime error but I got output for the same input in my machine

Question

I'm getting error for the input "a". Error message is like this ================================================================= ==22==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60200000008f at pc 0x55a501284db8 bp 0x7ffd0c0b9450 sp 0x7ffd0c0b9440 READ of size 1 at 0x60200000008f thread T0 #2 0x7f6a233ee082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) 0x60200000008f is located 1 bytes to the left of 2-byte region [0x602000000090,0x602000000092)

The code I have used is

int lengthOfLastWord(char *s){
    int count = 0;
    int len = strlen(s) -1;
    int templen = len;
    for (int i = len;s[i] == ' ';i--){
        templen--;
    }
    for (int i = templen; (s[i] != ' ') && (i >= 0); i--){
        count++;
    }
    return count;
}

Try it with an empty string where `len` becomes `-1`. What does `s[i]` do then? — Ted Lyngmo, Aug 17 '23 at 16:54
@TedLyngmo I tried `for (int i = len;(s[i] == ' ') && (i >= 0);i--)` but still getting error — Sibi K, Aug 18 '23 at 04:39
You effectively do `s[-1]` which makes your program have undefined behavior — Ted Lyngmo, Aug 18 '23 at 06:26
please accept one of the answers, or explain how they do not solve your problem. If you do not know what the answers mean by "undefined behaviour", read this post: https://stackoverflow.com/a/4105123/7465516 . It is an important concept to know for any C-programmer. — julaine, Aug 22 '23 at 07:41

Erich Kitzmueller · Answer 1 · 2023-08-21T08:53:24.130

0

This part

for (int i = len;s[i] == ' ';i--){
    templen--;
}

causes "undefined behaviour" (possibly a crash) on input that consists only of spaces, since it doesn't stop at i==0.

edited Aug 21 '23 at 08:53

answered Aug 17 '23 at 16:42

Erich Kitzmueller

36,381
5
80
102

An empty string would be bad too. – Retired Ninja Aug 17 '23 at 16:44
@RetiredNinja I have tried `for (int i = len;(s[i] == ' ') && (i >= 0);i--)` but still getting error – Sibi K Aug 18 '23 at 04:44
1

The check for range needs to be before you access the data. `if (in_range && value_matches)` – Retired Ninja Aug 18 '23 at 04:52
@RetiredNinja why I'm getting correct output in my local machine – Sibi K Aug 18 '23 at 12:08
1

It is undefined behavior to access the array out of bounds. One possible outcome of that is that it appears to work correctly. If you turn on AddressSanitizer it may catch the out of bounds access if it happens. Add `-fsanitize=address,undefined` to your compile command if using gcc or clang. – Retired Ninja Aug 18 '23 at 16:15
This is most likely the correct answer to the problem (an illegal read of size 1 to the left of 2-byte-region matches this bug perfectly). Even if it does not fully solve the problem this answer found a bug in OPs code. So I really really do not understand the downvote. – julaine Aug 21 '23 at 10:08
@julaine the original answer stated "causes a crash", which is just one possible (though somewhat likely) outcome of "undefined behaviour". Maybe the downvote was deserved for that. – Erich Kitzmueller Aug 21 '23 at 11:12

score 0 · Answer 2 · answered Aug 21 '23 at 10:29

Here

(s[i] != ' ') && (i >= 0)

Due to the order of evaluation¹, the access to the i element of the array is performed before the non negativity check, in a loop where the index is decremented. This results in undefined behavior² when i reaches -1 (access out of bounds) and one of the worst outcome of UB is IMHO a program seemingly producing the expected output.

To fix the code, we just have to check the indices before using them³.

^{1) https://en.cppreference.com/w/c/language/operator_logical#Logical_AND}
^{2) https://en.cppreference.com/w/c/language/behavior}
^{3) https://godbolt.org/z/8oPeK64xq}

I'm tryin to solve the problem "Length of Last Word" in leetcode. It showing runtime error but I got output for the same input in my machine

2 Answers2