...
This noncompliant code example assumes that the size of `struct buffer` is equal to the sum of the sizes of its individual components, which may not be the case [Dowd 06]. The size of `struct buffer` may actually be larger due to structure padding, so an allocation sized from the components can be smaller than the structure that is later copied into it.
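enum { buffer_size = 50 };

/*
 * Size-prefixed character buffer.
 *
 * The compiler may add padding to this structure, so sizeof(struct buffer)
 * can be greater than sizeof(size_t) + sizeof(bufferC).
 */
struct buffer {
  size_t size;
  char bufferC[buffer_size];
} buff;

/* ... */

/*
 * NONCOMPLIANT EXAMPLE: kept defective on purpose to show the mistake.
 *
 * Copies *buf into a heap block whose size is computed by adding up the
 * member sizes instead of taking sizeof(struct buffer).
 *
 * Review hint: the allocation size and the memcpy() length are two different
 * expressions. Where padding is present the copy is longer than the block,
 * which is a heap buffer overflow; memory-error checkers such as
 * AddressSanitizer report it at the memcpy() call.
 */
void func(const struct buffer *buf) {
  /*
   * Incorrectly assumes sizeof(struct buffer) =
   * sizeof(size_t) + sizeof(buff.bufferC)
   */
  struct buffer *buf_cpy = (struct buffer *)malloc(
    sizeof(size_t) + sizeof(buff.bufferC)
  );

  if (buf_cpy == NULL) {
    /* Handle malloc() error */
  }

  /*
   * With padding, sizeof(struct buffer) may be greater than
   * sizeof(size_t) + sizeof(buff.bufferC), causing some data
   * to be written outside the bounds of the memory allocated.
   */
  memcpy(buf_cpy, buf, sizeof(struct buffer));

  /* ... */

  free(buf_cpy);
}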
...
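enum { buffer_size = 50 };

/*
 * Size-prefixed character buffer.
 *
 * The compiler may add padding to this structure, so its size must always be
 * taken with sizeof on the structure (or on an object of that type), never
 * computed by adding up the member sizes.
 */
struct buffer {
  size_t size;
  char bufferC[buffer_size];
} buff;

/* ... */

/*
 * Compliant example: makes a heap copy of *buf, works on it, and frees it.
 *
 * The allocation size and the copy length are the same expression,
 * sizeof *buf_cpy, so they cannot disagree even when the structure contains
 * padding.
 *
 * buf must point to a valid struct buffer. Returns without copying if the
 * allocation fails.
 *
 * Note: memcpy() of the whole structure also copies any padding bytes. Their
 * values are unspecified, so do not pass such a copy across a trust boundary
 * without clearing the structure first.
 */
void func(const struct buffer *buf) {
  struct buffer *buf_cpy = malloc(sizeof *buf_cpy);

  if (buf_cpy == NULL) {
    /* Handle malloc() error */
    return; /* never fall through to memcpy() with a null destination */
  }

  /* ... */

  memcpy(buf_cpy, buf, sizeof *buf_cpy);

  /* ... */

  free(buf_cpy);
}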
...