我已经经历了几个有关相同错误代码的类似问题,最关心的是传递无效指针地址。但是,这看起来并非如此,因为我的程序正确地处理了传递的任何地址。
FORMAT_STRING:
static char *format_string(char *string)
{
int i;
if (string == NULL) {
return string;
}
string[0] = (char)toupper((int)string[0]);
111->for (i = 1; string[i] != '\0'; i++) {
if (!isalpha(string[i-1])) {
string[i] = (char)toupper((int)string[i]);
} else {
string[i] = (char)tolower((int)string[i]);
}
if (string[i] == '/' || string[i] == '\\') {
string[i] = ' ';
}
}
/* Remove End of string White Spaces */
while (string[--i]==' '); string[++i]='\0';
return string;
}
metadata_extract:
static int metadata_extract(const char *filename, struct kw_metadata *s)
{
char *memchar = NULL;
s->obj = NULL;
s->do_cleanup = &do_on_cleanup;
if (!is_of_type(filename)) {
return KW_ERROR;
}
TagLib_File* file = taglib_file_new(filename);
TagLib_Tag* tag = taglib_file_tag(file);
s->type = strdup("Audio");
s->tagc = 4;
s->tagtype = (char **)malloc(4 * sizeof(char *));
s->tagv = (char **)malloc(4 * sizeof(char *));
memchar = strdup("title");
s->tagtype[0] = memchar;
memchar = strdup("artist");
s->tagtype[1] = memchar;
memchar = strdup("album");
s->tagtype[2] = memchar;
memchar = strdup("genre");
s->tagtype[3] = memchar;
153->memchar = strdup(taglib_tag_title(tag));
memchar = format_string(memchar);
s->tagv[0] = memchar;
memchar = strdup(taglib_tag_artist(tag));
memchar = format_string(memchar);
s->tagv[1] = memchar;
memchar = strdup(taglib_tag_album(tag));
160->memchar = format_string(memchar);
s->tagv[2] = memchar;
memchar = strdup(taglib_tag_genre(tag));
memchar = format_string(memchar);
s->tagv[3] = memchar;
s->obj = file;
s->do_init = &do_on_init;
s->do_cleanup = &do_on_cleanup;
taglib_tag_free_strings();
taglib_file_free(file);
return KW_SUCCESS;
}
的valgrind:
==16769== Invalid read of size 1
==16769== at 0x5317605: format_string (plugin_taglib.c:111)
==16769== by 0x531781F: metadata_extract (plugin_taglib.c:160)
==16769== by 0x405EB3: metadata_extract (metadata_extract.c:36)
==16769== by 0x403351: add_metadata_file (dbbasic.c:221)
==16769== by 0x4032D5: add_file (dbbasic.c:174)
==16769== by 0x406485: import_semantics (import.c:97)
==16769== by 0x406440: import_semantics (import.c:92)
==16769== by 0x4065AC: import (import.c:127)
==16769== by 0x401916: main (kwest_main.c:87)
==16769== Address 0x6f4ce11 is 0 bytes after a block of size 1 alloc'd
==16769== at 0x4C2B3F8: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==16769== by 0x57A6D71: strdup (strdup.c:43)
==16769== by 0x531780F: metadata_extract (plugin_taglib.c:159)
==16769== by 0x405EB3: metadata_extract (metadata_extract.c:36)
==16769== by 0x403351: add_metadata_file (dbbasic.c:221)
==16769== by 0x4032D5: add_file (dbbasic.c:174)
==16769== by 0x406485: import_semantics (import.c:97)
==16769== by 0x406440: import_semantics (import.c:92)
==16769== by 0x4065AC: import (import.c:127)
==16769== by 0x401916: main (kwest_main.c:87)
答案 0 :(得分:6)
在
for (i = 0; string[i] != '\0'; i++) {
if (string[i-1]) {
您正在阅读string[-1],这通常是对大小为1的无效读取。
大概是你的意思
for(i = 1; ...
编辑后:
在循环之前,你应该检查字符串在结束前至少有一个字符,
if (string[0] == 0) return string;
(最好在string[0] = (char)toupper((int)string[0]);之前完成)。消息
地址0x6f4ce11在大小为1的块
之后为0字节
告诉您,您的strdup个字符串之一为空(大小为1的块表示只分配了0终结符的空间)。
标记尾随空格时,
while (string[--i]==' '); string[++i]='\0';
你不检查索引是否有效,如果整个字符串由空格组成,你至少阅读string[-1],你应该检查:
while(i-- > 0 && string[i] == ' ');
string[++i] = 0;
答案 1 :(得分:0)
在实际使用变量之前尝试使用 if(NULL!= memchar)进行验证;否则strdup和函数都会产生不可预测的结果。