C addressSanitizer: heap-buffer-overflow on address
Notice: this page is a Chinese-English parallel translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. If you use it you must follow the same CC BY-SA license, cite the original address and author information, and attribute it to the original authors (not me): StackOverFlow
Original address: http://stackoverflow.com/questions/51579267/
addressSanitizer: heap-buffer-overflow on address
Asked by Linh Chi Nguyen
I am at the very beginning of learning C.
I am trying to write a function to open a file, read a BUFFER_SIZE, store the content in an array, then track the character '\n' (because I want to get each line of the input).
When I set BUFFER_SIZE very large, I can get the first line. When I set BUFFER_SIZE reasonably small (say, 42), which is not yet the end of the first line, it prints out some weird symbol at the end, but I guess it is some bug in my own code.
However, when I set BUFFER_SIZE very small, say = 10, and I use -fsanitizer=address to check for memory leaks, it throws a monster of an error:
==90673==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6020000000fb at pc 0x000108868a95 bp 0x7fff573979a0 sp 0x7fff57397998
READ of size 1 at 0x6020000000fb thread T0
If anyone can explain to me in a general sense:
what is the fsanitizer=address flag?
what is a heap-buffer-overflow?
what are address and thread? what is the flag to see the thread in colors on screen?
and why does it say 'read of size 1 at address..'?
I would really appreciate it <3
Answered by SHR
what is the fsanitizer=address flag?
Usually a C compiler doesn't add bounds checks for memory access. Sometimes, due to a code error, there is a read or write from outside the buffer; such an error is usually hard to detect. Using this flag, the compiler adds some bounds checks to ensure you won't use a buffer to reach outside of its allocation.
what is a heap-buffer-overflow?
Using an array to reach past its allocation:
char* x = malloc(10);      // 10 valid bytes: x[0] .. x[9]
char n = x[11];            // heap-buffer-overflow: index 11 lies past the allocation
(underflow is reaching before its allocation)
char* x = malloc(10);
char n = x[-11];           // heap-buffer-underflow: index -11 lies before the allocation
what are address and thread?
An address is a position in memory; a thread is a part of a process running a sequence of code.
and why does it say 'read of size 1 at address..'?
It means you read a single byte from the given address.
I think your problem is that you allocate BUFFER_SIZE for the buffer and read the same BUFFER_SIZE into it. The correct approach is to always declare at least one more byte than you read, like this:
char* buff = malloc(BUFFER_SIZE+1);        // notice the +1: room for a terminating '\0'
size_t n = fread(buff, 1, BUFFER_SIZE, fp); // n may be smaller than BUFFER_SIZE
buff[n] = '\0';                             // terminate after the bytes actually read, so string functions stop here
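As an added example (not SHR's or the asker's code), here is the +1 approach carried through: the chunk is terminated right after the bytes fread actually returned, and the '\n' search uses memchr with an explicit length, so the "weird symbol" and the ASan READ of size 1 past the allocation cannot occur. The sample input is constructed with tmpfile(); read_chunk and first_line_len are names chosen here.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Read up to cap bytes from fp into a buffer allocated with one spare byte, so the
 * chunk can always be terminated with '\0' (the asker's buffer had no such byte).
 * Returns NULL if the allocation fails; the caller owns and frees the result. */
char *read_chunk(FILE *fp, size_t cap, size_t *out_len)
{
    char *buf = malloc(cap + 1);           /* +1: room for the terminator */
    if (buf == NULL)
        return NULL;
    size_t n = fread(buf, 1, cap, fp);     /* may be fewer than cap bytes */
    buf[n] = '\0';                         /* terminate right after what was read */
    if (out_len != NULL)
        *out_len = n;
    return buf;
}

/* Length of the first line inside buf, stopping at '\n' or at len bytes.
 * memchr takes an explicit length, so it never reads past buf[len - 1]
 * even when the chunk ended before a '\n' was reached. */
size_t first_line_len(const char *buf, size_t len)
{
    const char *nl = memchr(buf, '\n', len);
    return nl != NULL ? (size_t)(nl - buf) : len;
}

/* Stand-alone demo on constructed input; build with
 *   cc -g -fsanitize=address demo.c && ./a.out
 * and AddressSanitizer stays silent because every access is in bounds. */
int main(void)
{
    FILE *fp = tmpfile();                  /* constructed sample "file" */
    if (fp == NULL)
        return 1;
    fputs("first line\nsecond line\n", fp);
    rewind(fp);
    size_t len = 0;
    char *chunk = read_chunk(fp, 10, &len); /* BUFFER_SIZE = 10, as in the question */
    if (chunk == NULL)
        return 1;
    printf("read %zu bytes, first line is %zu bytes: \"%.*s\"\n",
           len, first_line_len(chunk, len), (int)first_line_len(chunk, len), chunk);
    free(chunk);
    fclose(fp);
    return 0;
}
```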
Answered by Sumit Kapoor
In simple words, it is a segmentation fault with a variable created using the new keyword, as all of that goes into the heap area of memory.
Explanation: you are trying to access an address for which you haven't declared your variable. To find all such errors, revisit all your conditions and check whether you are accessing something out of bounds or not.

