0

I recently started developing C. And I can't find any error in the code, I would appreciate it if you could point it out to me (thanks in advance)

int* decode(int* encoded, int encodedSize, int first, int* returnSize){
*returnSize=encodedSize+1;
int *arr=malloc(encodedSize * sizeof(int) + 1);
arr[0] = first;
for (int i=0;i<encodedSize;i++){
    arr[i+1]=encoded[i] ^ arr[i];
}
return arr;
}

I really don't understand what the problem is because I dynamically allocated memory for the array. error:

==31==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000038 at pc 0x55c6f70c693c bp 0x7ffcc2336140 sp 0x7ffcc2336130
READ of size 4 at 0x602000000038 thread T0
    #2 0x7f2acc57b0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
0x60200000003b is located 0 bytes to the right of 11-byte region [0x602000000030,0x60200000003b)
allocated by thread T0 here:
    #0 0x7f2acd1c0bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
    #3 0x7f2acc57b0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
Shadow bytes around the buggy address:
  0x0c047fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c047fff8000: fa fa 00 04 fa fa 00[03]fa fa fd fa fa fa fd fa
  0x0c047fff8010: fa fa fd fa fa fa 00 fa fa fa fa fa fa fa fa fa
  0x0c047fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==31==ABORTING
Improve this question
2
  • encodedSize * sizeof(int) + 1 uses the same precedence rules as normal math. So it's really (encodedSize * sizeof(int)) + 1 when you want (1 + encodedSize) * sizeof(int). Commented Jan 19, 2023 at 19:52
  • Денис Моро, even better use arr = malloc(sizeof arr[0] * (encodedSize + 1u)); Commented Jan 19, 2023 at 22:07

1 Answer 1

Reset to default
3

I think you mean

 (encodedSize + 1) * sizeof(int)

not

encodedSize * sizeof(int) + 1

you want an extra int , not an extra byte (I think)

Becaase of this

arr[i+1]=encoded[i] ^ arr[i];
     ^^
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.