O
OperaHelloMarch
I have see a example implementation for free() in IBM developerworks
as below:
void free(void *firstbyte) {
struct mem_control_block *mcb;
/* Backup from the given pointer to find the
* mem_control_block
*/
mcb = firstbyte - sizeof(struct mem_control_block);
/* Mark the block as being available */
mcb->is_available = 1;
/* That's It! We're done. */
return;
}
Here, it doesn't check if the parameter firstbyte is a real firstbyte.
If I write code like below, I think the whole system may crash.
#include <stdlib.h>
int main(int argc, char *argv[])
{
int* ptr;
ptr=(int*)malloc(sizeof(int)*100);
/*OK, to change the position of the head*/
ptr[0]=1;
ptr++;
/*send the invalid pointer to free() */
free(ptr);
}
I have compiled this file under linux, and get an error message "***
glibc detected *** free(): invalid pointer: 0x09fa800c ***"
How can the free() know that my pointer is invalid? Is there any array
for valid pointer stored in memory?
Thanks in advance!
as below:
void free(void *firstbyte) {
struct mem_control_block *mcb;
/* Backup from the given pointer to find the
* mem_control_block
*/
mcb = firstbyte - sizeof(struct mem_control_block);
/* Mark the block as being available */
mcb->is_available = 1;
/* That's It! We're done. */
return;
}
Here, it doesn't check if the parameter firstbyte is a real firstbyte.
If I write code like below, I think the whole system may crash.
#include <stdlib.h>
int main(int argc, char *argv[])
{
int* ptr;
ptr=(int*)malloc(sizeof(int)*100);
/*OK, to change the position of the head*/
ptr[0]=1;
ptr++;
/*send the invalid pointer to free() */
free(ptr);
}
I have compiled this file under linux, and get an error message "***
glibc detected *** free(): invalid pointer: 0x09fa800c ***"
How can the free() know that my pointer is invalid? Is there any array
for valid pointer stored in memory?
Thanks in advance!