为什么这个缓冲区指向不可寻址的字节?
问题描述:
编辑:感谢repliers我已经改变了FREAD至(......的sizeof缓冲,1,...),但现在我得到这个错误的valgrind:为什么这个缓冲区指向不可寻址的字节?
==2409== Invalid read of size 4
==2409== at 0x51AB8D0: fread (iofread.c:41)
==2409== by 0x4007B6: main (recover2.c:31)
==2409== Address 0x5502000 is not stack'd, malloc'd or (recently) free'd
==2409==
==2409== Use of uninitialised value of size 8
==2409== at 0x51B8787: _IO_sgetn (genops.c:495)
==2409== by 0x51AB93E: fread (iofread.c:42)
==2409== by 0x4007B6: main (recover2.c:31)
==2409==
==2409== Invalid read of size 8
==2409== at 0x51B8787: _IO_sgetn (genops.c:495)
==2409== by 0x51AB93E: fread (iofread.c:42)
==2409== by 0x4007B6: main (recover2.c:31)
==2409== Address 0x40 is not stack'd, malloc'd or (recently) free'd
==2409==
==2409==
==2409== Process terminating with default action of signal 11 (SIGSEGV)
==2409== Access not within mapped region at address 0x40
==2409== at 0x51B8787: _IO_sgetn (genops.c:495)
==2409== by 0x51AB93E: fread (iofread.c:42)
==2409== by 0x4007B6: main (recover2.c:31)
==2409== If you believe this happened as a result of a stack
==2409== overflow in your program's main thread (unlikely but
==2409== possible), you can try to increase the size of the
==2409== main thread stack using the --main-stacksize= flag.
==2409== The main thread stack size used in this run was 8388608.
我是新来的所以我希望这是有道理的。我正在编写此代码以从文件中检索数据并将其复制到jpeg文件。该代码旨在通过其标题找到一个jpg文件,然后将其写入文件。该代码是:
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include <string.h>
int main(int argc, char* argv[])
{
FILE* file = fopen("card.raw", "r");
if (file == NULL)
{
printf("Could not open file!\n");
return 1;
}
char title[7];
int currentImage = 0;
uint8_t buffer[512];
FILE* img;
while (fread(buffer, sizeof(buffer), 512, file) == 1)
{
printf("found data!\n");
if (buffer[0] == 0xff && buffer[1] == 0xd8 && buffer[2] == 0xff)
{
if (buffer[3] == 0xe0 || buffer[3] == 0xe1 || buffer[3] == 0xe2 || buffer[3] == 0xe3 || buffer[3] == 0xe4 || buffer[3] == 0xe5 || buffer[3] == 0xe6 || buffer[3] == 0xe7 || buffer[3] == 0xe8 || buffer[3] == 0xe9 || buffer[3] == 0xea || buffer[3] == 0xeb || buffer[3] == 0xec || buffer[3] == 0xed || buffer[3] == 0xee || buffer[3] == 0xef)
{
printf("Found new jpg!\n");
sprintf(title, "%03d.jpg", currentImage);
img = fopen(title, "a");
currentImage++;
printf("size of buffer to print is %lu\n", sizeof(buffer));
fwrite(buffer, sizeof(buffer), 1, img);
}
}
else if (currentImage > 0)
{
fwrite(buffer, sizeof(buffer), 1, img);
}
}
}
我得到一个分段错误,一旦发现有JPEG,并执行FWRITE,然后返回到while循环。
的Valgrind的错误是:
==1866== Syscall param read(buf) points to unaddressable byte(s)
==1866== at 0x5228810: __read_nocancel (syscall-template.S:81)
==1866== by 0x51B63B8: _IO_file_xsgetn (fileops.c:1438)
==1866== by 0x51AB93E: fread (iofread.c:42)
==1866== by 0x4007C3: main (recover2.c:31)
==1866== Address 0xfff001000 is not stack'd, malloc'd or (recently) free'd
==1866==
==1866== Jump to the invalid address stated on the next line
==1866== at 0x0: ???
==1866== Address 0x0 is not stack'd, malloc'd or (recently) free'd
==1866==
==1866==
==1866== Process terminating with default action of signal 11 (SIGSEGV)
==1866== Bad permissions for mapped region at address 0x0
==1866== at 0x0: ???
我是新来这使仍在学习和记忆等,因此在理解它为什么出了错任何帮助,将不胜感激。
答
通过这样做
fread(buffer, sizeof(buffer), 512, file)
你问fread阅读512块,每块是sizeof(buffer)字节长。即您正尝试将512 * 512 = 262144字节读入声明为uint8_t buffer[512]的数组中。这当然不适合。
如果你只是想将数据读入buffer阵列,这将是要么
fread(buffer, sizeof buffer, 1, file)
或
fread(buffer, 1, sizeof buffer, file)
,或者,如果你愿意的话,根据
fread(buffer, sizeof *buffer, sizeof buffer/sizeof *buffer, file)
读取操作中您认为是“原子”数据块。
另外
sprintf(title, "%03d.jpg", currentImage);
将产生至少7个字符长的字符串(例如001.jpg),这意味着title必须是长,以容纳零终止至少8个字符。但是,您的title被宣布为
char title[7];
这太小了。
答
作为每fread()的man page,签名是
size_t fread(void *ptr, size_t size, size_t nmemb, FILE * stream);
所述描述是
功能
fread()读取数据的nmemb元素,每个size字节长,来自指向的流210,将它们存储在ptr给出的位置。
所以,你的代码应该是
while (fread(buffer, sizeof(buffer[0]), 512, file) == 1)
否则,你就结束了要求读取和存储512个数每个大小的块,512个字节的,这是错误的,会导致缓冲区溢出,如valgrind报告。
得到答案后,请注意不要大幅改变您的问题。无论如何,你正在打印8个字符到'title',它只能容纳7个。 – usr2564301
Thanks @ rad-lexus! – edd91