realloc():无效的下一个大小的C转储

时间:2012-06-25 17:47:21

标签: c malloc realloc

我在使用此功能时遇到了一些严重问题:当跟踪到达realloc时,它会爆炸。我已经检查了关于这个主题的类似问题,但没有任何结果。我希望你能帮助我。你看错了吗?

char **tokenizepath(char *path){    

    char str[256]; // buffer;
    char **token=NULL;
    char *saveptr; 
    int i=1;
    size_t tam = sizeof(char*);

    token = malloc(2 * tam);
    strcpy(str, path);

    if(str[0]=='\\'){
        token[0] = "\\";
        token[i++] = strtok_r(str, "\\", &saveptr);
    }else{
        token[0] = strtok_r(str, "\\", &saveptr);
    }

    while((token[i]=strtok_r(NULL, "\\", &saveptr))!=NULL){
        i++;
        token = realloc(token, (i+1)*sizeof(char*));
    }

    return token;

}

这是回溯:

* glibc detected * /home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev: realloc(): invalid next size: 0x0000000000605290 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x7a6e6)[0x7ffff7ab56e6]
/lib/x86_64-linux-gnu/libc.so.6(+0x7d3e7)[0x7ffff7ab83e7]
/lib/x86_64-linux-gnu/libc.so.6(realloc+0xf9)[0x7ffff7ab9b39]
/home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev[0x40319b]
/home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev[0x400c31]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7ffff7a5c30d]
/home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev[0x400aa9]
======= Memory map: ========
00400000-00404000 r-xp 00000000 00:14 542669                             /home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev
00603000-00604000 r--p 00003000 00:14 542669                             /home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev
00604000-00605000 rw-p 00004000 00:14 542669                             /home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev
00605000-00626000 rw-p 00000000 00:00 0                                  [heap]
7ffff0000000-7ffff0021000 rw-p 00000000 00:00 0 
7ffff0021000-7ffff4000000 ---p 00000000 00:00 0 
7ffff5ad9000-7ffff5aee000 r-xp 00000000 08:16 526333                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff5aee000-7ffff5ced000 ---p 00015000 08:16 526333                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff5ced000-7ffff5cee000 r--p 00014000 08:16 526333                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff5cee000-7ffff5cef000 rw-p 00015000 08:16 526333                     /lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff5cef000-7ffff7a3b000 rw-p 00000000 00:14 273074                     /home/vlad/Sistemas Operativos/ext2.disk
7ffff7a3b000-7ffff7bd2000 r-xp 00000000 08:16 526221                     /lib/x86_64-linux-gnu/libc-2.13.so
7ffff7bd2000-7ffff7dd1000 ---p 00197000 08:16 526221                     /lib/x86_64-linux-gnu/libc-2.13.so
7ffff7dd1000-7ffff7dd5000 r--p 00196000 08:16 526221                     /lib/x86_64-linux-gnu/libc-2.13.so
7ffff7dd5000-7ffff7dd6000 rw-p 0019a000 08:16 526221                     /lib/x86_64-linux-gnu/libc-2.13.so
7ffff7dd6000-7ffff7ddc000 rw-p 00000000 00:00 0 
7ffff7ddc000-7ffff7dfd000 r-xp 00000000 08:16 523159                     /lib/x86_64-linux-gnu/ld-2.13.so
7ffff7fe2000-7ffff7fe5000 rw-p 00000000 00:00 0 
7ffff7ff9000-7ffff7ffb000 rw-p 00000000 00:00 0 
7ffff7ffb000-7ffff7ffc000 r-xp 00000000 00:00 0                          [vdso]
7ffff7ffc000-7ffff7ffd000 r--p 00020000 08:16 523159                     /lib/x86_64-linux-gnu/ld-2.13.so
7ffff7ffd000-7ffff7fff000 rw-p 00021000 08:16 523159                     /lib/x86_64-linux-gnu/ld-2.13.so
7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0                          [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

提前致谢!

1 个答案:

答案 0 :(得分:3)

如果第一个测试为TRUE:

if(str[0]=='\\'){

然后在以下while循环的第一次迭代中:

while((token[i]=strtok_r(NULL, "\\", &saveptr))!=NULL){

i == 2,您在分配之前尝试访问token[2]


另一个问题:如果token数组在调用realloc之后移动(因为realloc无法在不移动的情况下增加大小),那么saveptr将不再有效。