小贝子编程

C语言 为什么我被检测到堆栈粉碎

  • 本文关键字:堆栈 语言 stack-smash
  • 更新时间 :
  • 英文 :
 
#include <stdio.h>
#include <stdlib.h>
typedef struct
{
    char currency[80];
    double exchangerate;
} exchangeT;
void main()
{
    char from[10];
    int i;
    printf("convert from: ");
    scanf("%s", &from[10]); //this seems to be where the problem is
    //printf("into: ");
    //scanf("%s", to);
    //printf("How many of type %s", to);
    FILE *file = fopen("/home/jeffwang/Desktop/exchange.dat", "r");
    exchangeT exchange[5];

    for(i = 0; i < 5; i++)
    {
        fscanf(file, "%s %lf", &exchange[i].currency, &exchange[i].exchangerate);
        printf("%s %lfn", exchange[i].currency, exchange[i].exchangerate);
        //if(strcmp (from[8], exchange[0].currency) == 0)
        //    printf("leln");
    }
}

这是实际的错误消息

*** stack smashing detected ***: ./a.out terminated
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(__fortify_fail+0x45)[0xb7700eb5]
/lib/i386-linux-gnu/libc.so.6(+0x104e6a)[0xb7700e6a]
./a.out[0x8048622]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0xb76154d3]
./a.out[0x8048471]
======= Memory map: ========
08048000-08049000 r-xp 00000000 08:01 667062     /home/jeffwang/Desktop/ECS 30/a.out
08049000-0804a000 r--p 00000000 08:01 667062     /home/jeffwang/Desktop/ECS 30/a.out
0804a000-0804b000 rw-p 00001000 08:01 667062     /home/jeffwang/Desktop/ECS 30/a.out
09d8e000-09daf000 rw-p 00000000 00:00 0          [heap]
b75cd000-b75e9000 r-xp 00000000 08:01 918526     /lib/i386-linux-gnu/libgcc_s.so.1
b75e9000-b75ea000 r--p 0001b000 08:01 918526     /lib/i386-linux-gnu/libgcc_s.so.1
b75ea000-b75eb000 rw-p 0001c000 08:01 918526     /lib/i386-linux-gnu/libgcc_s.so.1
b75fb000-b75fc000 rw-p 00000000 00:00 0 
b75fc000-b77a0000 r-xp 00000000 08:01 918505     /lib/i386-linux-gnu/libc-2.15.so
b77a0000-b77a2000 r--p 001a4000 08:01 918505     /lib/i386-linux-gnu/libc-2.15.so
b77a2000-b77a3000 rw-p 001a6000 08:01 918505     /lib/i386-linux-gnu/libc-2.15.so
b77a3000-b77a6000 rw-p 00000000 00:00 0 
b77b2000-b77b8000 rw-p 00000000 00:00 0 
b77b8000-b77b9000 r-xp 00000000 00:00 0          [vdso]
b77b9000-b77d9000 r-xp 00000000 08:01 918485     /lib/i386-linux-gnu/ld-2.15.so
b77d9000-b77da000 r--p 0001f000 08:01 918485     /lib/i386-linux-gnu/ld-2.15.so
b77da000-b77db000 rw-p 00020000 08:01 918485     /lib/i386-linux-gnu/ld-2.15.so
bfd29000-bfd4a000 rw-p 00000000 00:00 0          [stack]
Aborted (core dumped)

我不明白的是:我正在使用来自[10]的用户输入,并且我从未超过10。同样,如果我移除指针&在scanf中,不会出现错误消息。此外,当我从[10]更改为更小的东西时,例如从[2],错误也不会发生!自慰吗?

是的,这绝对是错误的。

char from[10];
scanf("%s", &from[10]);

表达式&from[10]是数组末尾的地址。不是最后一个元素,而是最后一个元素"过去"的元素,一个不存在的元素。用这个代替:

scanf("%s", from); // Still wrong

请注意,这也是不好的,因为您可以将超过10个字符写入from

scanf("%10s", from); // Correct

相关内容

  • 没有找到相关文章

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium