
c - LeetCode : Address Sanitizer Violations

Reposted. Author: 行者123. Updated: 2023-12-04 08:54:36

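I am working through some examples and keep getting these Address Sanitizer heap-buffer-overflow errors. For the life of me I cannot figure out where the potential overflow is: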

    bool detectCapitalUse(char * word){

        int CapitalLet = 0;
        int WordLen = sizeof(word)/sizeof(char);
        bool result = 0;

        for (int i = 0; i < WordLen; i++)
        {
            if (word[i] >= 'A' && word[i] <= 'Z' )
            {
                CapitalLet++;
            }
        }

        if( CapitalLet == WordLen )
        {
            result = 1;
        }
        else if ((CapitalLet == 1) && (word[0] >= 'A' && word[0] <= 'Z'))
        {
            result = 1;
        }
        else if (CapitalLet == 0 )
        {
            result = 1;
        }
        else
        {
            result = 0;
        }

        return result;
    }

Edit: here is the full error message.

=================================================================
==31==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000017 at pc 0x000000401850 bp 0x7ffcd5e90680 sp 0x7ffcd5e90670
READ of size 1 at 0x602000000017 thread T0
#2 0x7f2bb38ea82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
0x602000000017 is located 0 bytes to the right of 7-byte region [0x602000000010,0x602000000017)
allocated by thread T0 here:
#0 0x7f2bb4905f88 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10bf88)
#4 0x7f2bb38ea82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
Shadow bytes around the buggy address:
0x0c047fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c047fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c047fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c047fff8000: fa fa[07]fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==31==ABORTING

Best answer

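Because there is no use of heap memory in your code, there is nothing that could lead to a heap overflow, but a problem that can be addressed is here: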

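    int WordLen = sizeof(word)/sizeof(char);

In the argument (char * word), word decays into a pointer when it is passed as an argument, so sizeof(word) will really return the size of a pointer (4 bytes for 32-bit addressing), not the size of the array you may have passed. By the way, sizeof(char) is always 1 by definition.

Change the expression to:

    int WordLen = strlen(word);

Changing this one line allows your code to work as I believe it was intended. I tested it using the following calling method:
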
    int main(void)
    {
        char word[] = {"this is A string"};
        bool res = detectCapitalUse(word);
        return 0;
    }

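One caveat:
If you happen to be using dynamically allocated memory in the calling function, or somewhere else not included in this post, and you attempt to access that block of memory incorrectly, it could result in a heap buffer overflow.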
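
An added example (not part of the original question or answer) that lines the pointer-sized loop bound up against the report above: the faulting address 0x602000000017 is byte index 7 of the 7-byte region starting at 0x602000000010, which is the last index a loop bounded by an 8-byte pointer size reads. The helper names, the sample word "Google", and the caller that heap-allocates an exactly sized buffer are assumptions; the out-of-bounds index is computed without performing the read.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Loop bound the question's code ends up with: the size of the pointer.
   sizeof(char) is 1, so the division in the question changes nothing. */
size_t buggy_bound(const char *word) { return sizeof(word); }

/* First index a loop over [0, bound) would read past an allocation of
   alloc_size bytes, or -1 if every read stays inside. Touches no memory. */
long first_oob_index(size_t alloc_size, size_t bound) {
    return bound > alloc_size ? (long)alloc_size : -1;
}

/* Corrected check: the length comes from strlen, so the loop stops at the
   terminating NUL and never leaves the buffer. */
bool detect_capital_use_fixed(const char *word) {
    size_t len = strlen(word);
    size_t caps = 0;
    for (size_t i = 0; i < len; i++) {
        if (word[i] >= 'A' && word[i] <= 'Z') caps++;
    }
    return caps == len || caps == 0 ||
           (caps == 1 && word[0] >= 'A' && word[0] <= 'Z');
}

int main(void) {
    /* Constructed input: a 6-letter word in an exactly sized heap buffer,
       matching the "7-byte region" in the report (caller is assumed). */
    const char *sample = "Google";
    size_t alloc = strlen(sample) + 1;
    char *word = malloc(alloc);
    if (!word) return 1;
    memcpy(word, sample, alloc);

    size_t bound = buggy_bound(word);
    printf("allocation: %zu bytes, buggy loop bound: %zu\n", alloc, bound);
    printf("first out-of-bounds index: %ld\n", first_oob_index(alloc, bound));
    printf("fixed result: %d\n", detect_capital_use_fixed(word));
    free(word);
    return 0;
}
```

With a 4-byte pointer the same 7-byte buffer is never overrun, so the defect can stay hidden on a 32-bit build while still giving wrong answers for any word whose length differs from the pointer size.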

Regarding c - LeetCode : Address Sanitizer Violations, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/63909823/
