讨论社区

AddressSanitizer: heap-buffer-overflow on address 0x602000000012 at pc 0x7f2395f71784 bp 0x7ffda6aba420 sp 0x7ffda6ab9bd0

Bigram 分词


char ** findOcurrences(char * text, char * first, char * second, int* returnSize)
{
char ** r = (char **)malloc(sizeof(char *) * 600);
memset(r, 0, sizeof(char *) * 600);
strcat(first, " ");
strcat(first, second);
char *start, *end;
int i = 0, j;
while (strstr(text, first) != NULL)
{
char *p = strstr(text, first);
start = p + strlen(first) + 1;
char *tempStart;
for (tempStart = start; *tempStart != ' '&& *tempStart != '\0'; tempStart++);
end = tempStart - 1;
r[i] = (char *)malloc(10000000);
memset(r[i], '\0', 10000000);
for (j = 0; start <= end; start++)
{
r[i][j++] = *start;
}
text = end + 2;
i++;
if (*(end + 1) == '\0')
break;
}
*returnSize = i;
return r;
}

报错=================================================================

==30==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000012 at pc 0x7f13d9341784 bp 0x7fffccb437e0 sp 0x7fffccb42f90

WRITE of size 2 at 0x602000000012 thread T0

    #0 0x7f13d9341783  (/usr/local/lib64/libasan.so.5+0x3e783)

    #3 0x7f13d7f612e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)


0x602000000012 is located 0 bytes to the right of 2-byte region [0x602000000010,0x602000000012)

allocated by thread T0 here:

    #0 0x7f13d93eb2b0 in malloc (/usr/local/lib64/libasan.so.5+0xe82b0)

    #4 0x7f13d7f612e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)


SUMMARY: AddressSanitizer: heap-buffer-overflow (/usr/local/lib64/libasan.so.5+0x3e783) 

Shadow bytes around the buggy address:

  0x0c047fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c047fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c047fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

  0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

=>0x0c047fff8000: fa fa[02]fa fa fa 05 fa fa fa fa fa fa fa fa fa

  0x0c047fff8010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa

  0x0c047fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa

  0x0c047fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa

  0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa

  0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa

Shadow byte legend (one shadow byte represents 8 application bytes):

  Addressable:           00

  Partially addressable: 01 02 03 04 05 06 07 

  Heap left redzone:       fa

  Freed heap region:       fd

  Stack left redzone:      f1

  Stack mid redzone:       f2

  Stack right redzone:     f3

  Stack after return:      f5

  Stack use after scope:   f8

  Global redzone:          f9

  Global init order:       f6

  Poisoned by user:        f7

  Container overflow:      fc

  Array cookie:            ac

  Intra object redzone:    bb

  ASan internal:           fe

  Left alloca redzone:     ca

  Right alloca redzone:    cb

==30==ABORTING

## 咋回事呢?

1 人关注了该问题 关注

0

feiceh • 4月前

这个是内存溢出了,请检查优化一下代码喔~

0 个讨论

您需要登录后才可回复
0

North lane???? • 4月前

我也是这个错误

0 个讨论

您需要登录后才可回复
0

hxy1302 • 4月前

检查一下是不是有数组越界或者没初始化吧

0 个讨论

您需要登录后才可回复
您需要登录后才可以回复