Leetcode: AddressSanitizer: heap-buffer-overflow

Time: 2019-12-25 09:13:45

Tags: c malloc overflow heap

See Longest Palindromic Substring. I built this code in Xcode and it runs fine.

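In addition, I searched many of the same questions about this error on leetcode, and all of them are related to accessing an array index out of bounds, but I don't think that applies to me.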

#include <stdbool.h>
#include <stdlib.h>
#include <string.h>

static char * longestPalindrome(char * s)
{
    int i = 0, j = 0;
    int len = 0, max_start = 0, max_len = 0;

    while (s[i] != '\0') {
        j = i + 1;

        while (s[j] != '\0') {
            if (s[i] == s[j]) {
                int i1 = i + 1, j1 = j - 1;
                bool match = true;

                while (i1 < j1) {
                    match &= s[i1++] == s[j1--];

                    if (!match) {
                        break;
                    }
                }

                if (match) {
                    len = j - i + 1;

                    if (max_len < len) {
                        max_len = len;
                        max_start = i;
                    }
                }
            }

            j++;
        }

        i++;
    }

    // -------------------- ISSUE BEGIN -------------------------
    if (max_len > 0) {
        char *result = (char *)malloc(max_len + 1);
        // strncpy(result, substr, max_len);
        memcpy(result, s + max_start, max_len);
        return result;
    }
    // --------------------- ISSUE END --------------------------

    return NULL;
}
=================================================================
==29==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000033 at pc 0x0000004021b4 bp 0x7ffc0bd75e60 sp 0x7ffc0bd75e58
READ of size 1 at 0x602000000033 thread T0
    #3 0x7f7262d0b2e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
0x602000000033 is located 0 bytes to the right of 3-byte region [0x602000000030,0x602000000033)
allocated by thread T0 here:
    #0 0x7f72645ba2b0 in malloc (/usr/local/lib64/libasan.so.5+0xe82b0)
    #3 0x7f7262d0b2e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
Shadow bytes around the buggy address:
  0x0c047fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c047fff8000: fa fa 06 fa fa fa[03]fa fa fa fa fa fa fa fa fa
  0x0c047fff8010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==29==ABORTING
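
What the AddressSanitizer report above points to, as an added example that is not part of the original post: the 3-byte region is the malloc(max_len + 1) buffer with max_len = 2, and memcpy writes only max_len bytes, so nothing guarantees a terminator inside the allocation when the returned pointer is read as a C string. The helper names, the 0xAA fill (standing in for non-zero heap contents) and the input "cbbd" are constructed for this demonstration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Copy-out step as in the question. The fresh buffer is filled with 0xAA
 * first to stand in for non-zero heap garbage (constructed for the demo),
 * so the check below never reads uninitialized memory. */
static char *copy_like_original(const char *s, size_t start, size_t len)
{
    char *result = malloc(len + 1);
    if (result == NULL) return NULL;
    memset(result, 0xAA, len + 1);
    memcpy(result, s + start, len);   /* result[len] is never written */
    return result;
}

/* Hardened copy-out: same allocation size, terminator written explicitly. */
static char *copy_terminated(const char *s, size_t start, size_t len)
{
    char *result = malloc(len + 1);
    if (result == NULL) return NULL;
    memcpy(result, s + start, len);
    result[len] = '\0';
    return result;
}

/* True if a NUL byte exists inside the allocation, i.e. strlen() would stop
 * before leaving the buffer. memchr reads at most `size` bytes. */
static bool terminated_within(const char *buf, size_t size)
{
    return memchr(buf, '\0', size) != NULL;
}

int main(void)
{
    const char *s = "cbbd";                   /* constructed input, palindrome "bb" */
    char *bad = copy_like_original(s, 1, 2);  /* 3-byte region, as in the report */
    char *good = copy_terminated(s, 1, 2);
    if (bad == NULL || good == NULL) return 1;

    printf("original copy terminated inside 3 bytes: %d\n", terminated_within(bad, 3));
    printf("hardened copy terminated inside 3 bytes: %d (\"%s\")\n",
           terminated_within(good, 3), good);
    free(bad);
    free(good);
    return 0;
}
```

Whether the original code appears to work depends on what the allocator happens to leave in the last byte, which is why a build without AddressSanitizer can run cleanly.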

0 answers:

No answers