对
C
相对较新,并且很容易承认有些事情我认为我理解,但可能不理解所有细微差别。这是从我编写的一个更复杂的程序中提取的 MWE。它编译并运行良好,但测试表明 ev->pin
的值最初是正确的,但在不相关的函数调用后不正确(在代码中查找 ??? ) 看起来内存不知何故被踩踏,但我无法弄清楚发生了什么事。
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#define SCAN_EVENT_COUNT 5
#define PIN_ASSIGNMENTS {7, -1, 1, 13, 4}
#define EVENT_NAMES "first-second-third-fourth-fifth"
void init_scan_events();
int parse_string(char pInputString[],
char *Delimiter,
char *pToken[]);
struct scan_events
{
char event_names[31];
char *pEvent[SCAN_EVENT_COUNT];
int pin[SCAN_EVENT_COUNT];
};
int main(void)
{
init_scan_events();
return (0);
}
/**
* the following function from https://stackoverflow.com/a/2091906/633251
* Note that `strtok` expects a `char * string` and `char * delimiter` as arguments.
**/
int parse_string(char pInputString[],
char *Delimiter,
char *pToken[])
{
int i = 0;
pToken[i] = strtok(pInputString, Delimiter); // get first token
i++;
while ((pToken[i] = strtok(NULL, Delimiter)) != NULL) // get the rest of the tokens
{
i++;
}
return i;
}
void init_scan_events()
{
char en[] = EVENT_NAMES;
int en_size = strlen(en);
int size = SCAN_EVENT_COUNT;
int pin[] = PIN_ASSIGNMENTS;
int token_count = 0;
char *Delim = "-";
int i;
struct scan_events *ev = malloc(sizeof(struct scan_events));
if (ev == NULL)
{
printf("Allocation failed\n");
}
for (int i = 0; i < en_size; i++) // copy EVENT_NAMES
{
ev->event_names[i] = en[i];
}
for (int i = 0; i < size; i++) // copy PIN_ASSIGNMENTS
{
ev->pin[i] = pin[i];
}
for (int i = 0; i < size; i++)
{
printf("% d ", ev->pin[i]); // ??? inspect pin values: correct!
}
printf("\n");
token_count = parse_string(ev->event_names, Delim, ev->pEvent); // tokenize EVENT_NAMES
for (int i = 0; i < size; i++)
{
printf("% d ", ev->pin[i]); // ??? check pin values: corrupted!
}
printf("\n");
free(ev);
}
这是
pToken[5] = ...
的缓冲区溢出。