我在使用这个函数时遇到了一些严重的问题:当跟踪到达realloc时,它会爆炸。我已经检查了关于这个主题的类似问题,但没有任何结果。我希望你能帮助我。你看出有什么不对吗?
char **tokenizepath(char *path){
char str[256]; // buffer;
char **token=NULL;
char *saveptr;
int i=1;
size_t tam = sizeof(char*);
token = malloc(2 * tam);
strcpy(str, path);
if(str[0]=='\'){
token[0] = "\";
token[i++] = strtok_r(str, "\", &saveptr);
}else{
token[0] = strtok_r(str, "\", &saveptr);
}
while((token[i]=strtok_r(NULL, "\", &saveptr))!=NULL){
i++;
token = realloc(token, (i+1)*sizeof(char*));
}
return token;
}
以下是回溯:
* glibc detected * /home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev: realloc(): invalid next size: 0x0000000000605290 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x7a6e6)[0x7ffff7ab56e6]
/lib/x86_64-linux-gnu/libc.so.6(+0x7d3e7)[0x7ffff7ab83e7]
/lib/x86_64-linux-gnu/libc.so.6(realloc+0xf9)[0x7ffff7ab9b39]
/home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev[0x40319b]
/home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev[0x400c31]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7ffff7a5c30d]
/home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev[0x400aa9]
======= Memory map: ========
00400000-00404000 r-xp 00000000 00:14 542669 /home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev
00603000-00604000 r--p 00003000 00:14 542669 /home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev
00604000-00605000 rw-p 00004000 00:14 542669 /home/vlad/workspace_SisOp/RFSDev/Debug/RFSDev
00605000-00626000 rw-p 00000000 00:00 0 [heap]
7ffff0000000-7ffff0021000 rw-p 00000000 00:00 0
7ffff0021000-7ffff4000000 ---p 00000000 00:00 0
7ffff5ad9000-7ffff5aee000 r-xp 00000000 08:16 526333 /lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff5aee000-7ffff5ced000 ---p 00015000 08:16 526333 /lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff5ced000-7ffff5cee000 r--p 00014000 08:16 526333 /lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff5cee000-7ffff5cef000 rw-p 00015000 08:16 526333 /lib/x86_64-linux-gnu/libgcc_s.so.1
7ffff5cef000-7ffff7a3b000 rw-p 00000000 00:14 273074 /home/vlad/Sistemas Operativos/ext2.disk
7ffff7a3b000-7ffff7bd2000 r-xp 00000000 08:16 526221 /lib/x86_64-linux-gnu/libc-2.13.so
7ffff7bd2000-7ffff7dd1000 ---p 00197000 08:16 526221 /lib/x86_64-linux-gnu/libc-2.13.so
7ffff7dd1000-7ffff7dd5000 r--p 00196000 08:16 526221 /lib/x86_64-linux-gnu/libc-2.13.so
7ffff7dd5000-7ffff7dd6000 rw-p 0019a000 08:16 526221 /lib/x86_64-linux-gnu/libc-2.13.so
7ffff7dd6000-7ffff7ddc000 rw-p 00000000 00:00 0
7ffff7ddc000-7ffff7dfd000 r-xp 00000000 08:16 523159 /lib/x86_64-linux-gnu/ld-2.13.so
7ffff7fe2000-7ffff7fe5000 rw-p 00000000 00:00 0
7ffff7ff9000-7ffff7ffb000 rw-p 00000000 00:00 0
7ffff7ffb000-7ffff7ffc000 r-xp 00000000 00:00 0 [vdso]
7ffff7ffc000-7ffff7ffd000 r--p 00020000 08:16 523159 /lib/x86_64-linux-gnu/ld-2.13.so
7ffff7ffd000-7ffff7fff000 rw-p 00021000 08:16 523159 /lib/x86_64-linux-gnu/ld-2.13.so
7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
提前感谢!
如果第一个测试为 TRUE:
if(str[0]=='\'){
然后在以下 while 循环的第一次迭代中:
while((token[i]=strtok_r(NULL, "\", &saveptr))!=NULL){
i == 2,并且您正在尝试在分配之前访问token[2]。
另一个问题是:如果token数组在调用 realloc 后移动(因为 realloc 无法在不移动的情况下增加大小),那么saveptr将不再有效。