Output of a program

Discussion in 'C Programming' started by sonu, Mar 8, 2006.

  1. sonu

    sonu Guest

    main()
    {
    char *ptr1,*ptr2;

    ptr1=(char*)malloc(sizeof(ptr1));
    gets(ptr1);

    ptr2=(char*)malloc(sizeof(ptr2));
    gets(ptr2);

    printf("%s",ptr1);
    printf("%s",ptr2);

    }

    suppose ptr1= aaa bbb ccc ddd eee fff ggg
    &
    ptr2=kkk


    output is :-aaa bbb ccc & kkk

    why its not printing complete the first string

    Pls any one help me bcoz i need it Urgent

    Thanks
    sonu
     
    sonu, Mar 8, 2006
    #1
    1. Advertising

  2. sonu

    pemo Guest

    sonu wrote:
    > main()
    > {
    > char *ptr1,*ptr2;
    >
    > ptr1=(char*)malloc(sizeof(ptr1));
    > gets(ptr1);
    >
    > ptr2=(char*)malloc(sizeof(ptr2));
    > gets(ptr2);
    >
    > printf("%s",ptr1);
    > printf("%s",ptr2);
    >
    > }
    >
    > suppose ptr1= aaa bbb ccc ddd eee fff ggg
    > &
    > ptr2=kkk
    >
    >
    > output is :-aaa bbb ccc & kkk
    >
    > why its not printing complete the first string
    >
    > Pls any one help me bcoz i need it Urgent


    You're allocating just enough memory to hold a character pointer, i.e.,
    malloc(sizeof(ptr1)) is likely to be something like malloc(4).

    If you now enter 'aaa bbb ccc ddd eee fff ggg' and use gets() to read that
    into the memory you've allocated, you've over written stuff, and from that
    point on, it's not possible to say what the program will do - it's
    undefined.

    So, you ought to be allocating more memory than you have - try something
    like malloc(100), and then use fgets() to read your input lines.

    Lastly, main() ought to be int main(void) in your case, you don't need to
    cast malloc's return, you should free(ptr1) and ptr2 when you're done with
    them, and you should add return 0; [or something like]. You should also
    include both stdio.h and stdlib.h if you haven't.


    --
    ==============
    Not a pedant
    ==============
     
    pemo, Mar 8, 2006
    #2
    1. Advertising

  3. sonu wrote:
    > main()


    int main(void)

    is much better style.

    > {
    > char *ptr1,*ptr2;
    >
    > ptr1=(char*)malloc(sizeof(ptr1));


    You've just masked a bug. You did not include <stdlib.h>, and have cast
    the return value of `malloc`. Without prototype (in <stdlib.h>) the
    compiler has to assume `malloc` returns an `int`, which you then force
    into a `char *`. *Never* cast the return value of `malloc`.

    Aside from that, you allocate the space for `ptr1` the size of the
    pointer to `char` on your implementation. Is this really what you
    wanted? Probably not, as you then go on and input "aaa bbb ccc ddd eee
    fff ggg" which is most likely much bigger.

    Congratulations! You've just created a buffer overflow vulnerability.

    > gets(ptr1);
    >
    > ptr2=(char*)malloc(sizeof(ptr2));


    Exactly the same problems as above. You manage not to overflow your
    buffer (assuming sizeof(char *) >= 4, which is reasonable on modern
    hosted implementations), as you input "kkk", which is 4 bytes long
    (remember that pesky terminating \0).

    > gets(ptr2);
    >
    > printf("%s",ptr1);
    > printf("%s",ptr2);


    Not terminating `printf` with `\n` (or doing `fflush(stdout)`) may
    result in nothing at all being output (output is line buffered -- no
    end of line, no output, maybe).

    > }
    >
    > suppose ptr1= aaa bbb ccc ddd eee fff ggg
    > &
    > ptr2=kkk
    >
    >
    > output is :-aaa bbb ccc & kkk
    >
    > why its not printing complete the first string


    See comments above. BTW, I'm surprised you get the output you claim you
    do.

    > Pls any one help me bcoz i need it Urgent


    The only urgent things for you right now would be to go back to your C
    text book.

    Someone may be able/willing to help you further if you specify exactly
    what the code above is supposed to achieve.

    --
    BR, Vladimir
     
    Vladimir S. Oka, Mar 8, 2006
    #3
  4. sonu

    sonu Guest

    Thanx pemo
     
    sonu, Mar 8, 2006
    #4
  5. "sonu" <> writes:
    > main()
    > {
    > char *ptr1,*ptr2;
    >
    > ptr1=(char*)malloc(sizeof(ptr1));
    > gets(ptr1);
    >
    > ptr2=(char*)malloc(sizeof(ptr2));
    > gets(ptr2);
    >
    > printf("%s",ptr1);
    > printf("%s",ptr2);
    >
    > }

    [...]
    > Pls any one help me bcoz i need it Urgent


    A few things not yet mentioned in other responses:

    Proper indentation is your friend, even for a small program like this
    one. See any decent C textbook, or most of the code posted here, for
    examples of proper indentation.

    Please don't use silly abbreviations like "Pls" for "Please", or
    "bcoz" for "because". They only make it more difficult to read what
    you write, especially for readers whose native language isn't English.

    And finally, never ever ever use gets(). Use fgets() instead.
    (You'll need to deal with the '\n' character that fgets() stores in
    the string, and with its behavior if the input line is longer than
    your buffer.)

    --
    Keith Thompson (The_Other_Keith) <http://www.ghoti.net/~kst>
    San Diego Supercomputer Center <*> <http://users.sdsc.edu/~kst>
    We must do something. This is something. Therefore, we must do this.
     
    Keith Thompson, Mar 8, 2006
    #5
  6. sonu

    Banfa Guest

    Keith Thompson wrote:
    > And finally, never ever ever use gets(). Use fgets() instead.
    > (You'll need to deal with the '\n' character that fgets() stores in
    > the string, and with its behavior if the input line is longer than
    > your buffer.)


    What is the reason that you should "never ever ever use gets(). Use
    fgets()"?
     
    Banfa, Mar 8, 2006
    #6
  7. Banfa said:

    >
    > Keith Thompson wrote:
    >> And finally, never ever ever use gets(). Use fgets() instead.
    >> (You'll need to deal with the '\n' character that fgets() stores in
    >> the string, and with its behavior if the input line is longer than
    >> your buffer.)

    >
    > What is the reason that you should "never ever ever use gets(). Use
    > fgets()"?


    Because you tell fgets how long your buffer is, it can (and does) protect
    your buffer against overflow.

    You have no way to tell gets how long your buffer is.


    --
    Richard Heathfield
    "Usenet is a strange place" - dmr 29/7/1999
    http://www.cpax.org.uk
    email: rjh at above domain (but drop the www, obviously)
     
    Richard Heathfield, Mar 8, 2006
    #7
  8. "Banfa" <> wrote in
    news::

    >
    > Keith Thompson wrote:
    >> And finally, never ever ever use gets(). Use fgets() instead.
    >> (You'll need to deal with the '\n' character that fgets() stores in
    >> the string, and with its behavior if the input line is longer than
    >> your buffer.)

    >
    > What is the reason that you should "never ever ever use gets(). Use
    > fgets()"?



    http://c-faq.com/stdio/getsvsfgets.html

    --
    A. Sinan Unur <>
    (reverse each component and remove .invalid for email address)

    comp.lang.perl.misc guidelines on the WWW:
    http://mail.augustmail.com/~tadmc/clpmisc/clpmisc_guidelines.html
     
    A. Sinan Unur, Mar 8, 2006
    #8
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. John Bentley

    Output / Debug window output bug?

    John Bentley, Sep 10, 2003, in forum: ASP .Net
    Replies:
    0
    Views:
    599
    John Bentley
    Sep 10, 2003
  2. chuck amadi
    Replies:
    1
    Views:
    499
    Larry Bates
    Jun 23, 2004
  3. Puneet
    Replies:
    16
    Views:
    1,147
    Daniel Vallstrom
    Mar 20, 2005
  4. Paul
    Replies:
    1
    Views:
    435
  5. jmr
    Replies:
    2
    Views:
    344
Loading...

Share This Page