C++

Forum

 
stack smashing

CLearner88 (123)
hi all, i encountered some stack smashing error because of this set of code.
i have no idea why this happens on linux, it runs fine on code blocks on windows

the code is below

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
 
string createMatrix(string keyWord)
{
  char alphabets[24];
  int i=0;
  int asciiValue=0;
  int asciiCount=0;
  bool uChar=true;
  int wordLength=keyWord.length();
  int runCounter=1;

  for(int a=0;a<wordLength;a++)
  {
      if(keyWord[a]=='j')
      {
          keyWord[a]='i';
      }
  }

  for(runCounter=0;runCounter<wordLength;runCounter++)
  {
      for(int k=0;k<runCounter;k++)
      {
          if(keyWord[runCounter] == keyWord[k])
          {
              uChar=false;
          }
      }

      if(uChar == true)
      {
          alphabets[i]=keyWord[runCounter];
          i++;
      }
      uChar=true;
  }

  while(asciiCount<26)
  {
      for(int j=0;j<wordLength;j++)
      {
          if(asciiValue == keyWord[j] - 97)
          {
              uChar=false;
          }
      }

      if(uChar == true)
      {
          if(asciiValue != 9)
          {
              alphabets[i]=97+asciiValue;
              i++;
          }
      }
      asciiValue++;
      asciiCount++;
      uChar=true;
  }
  return alphabets;
}


may i know what`s the problem with this set of code? Thanks in advance
Disch (13742)
some stack smashing error


Don't paraphrase errors. What's the actual error you're getting? Copy/paste it.
Last edited on
CLearner88 (123)
my apologies on that.

here is the error

*** stack smashing detected ***: ./playfair terminated
======= Backtrace: =========
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x48)[0x3f1de8]
/lib/tls/i686/cmov/libc.so.6(__fortify_fail+0x0)[0x3f1da0]
./playfair[0x8049182]
./playfair[0x804aa92]
/lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0x327b56]
./playfair[0x8048ee1]
======= Memory map: ========
00311000-0044f000 r-xp 00000000 08:01 295676 /lib/tls/i686/cmov/libc-2.10.1.so
0044f000-00451000 r--p 0013e000 08:01 295676 /lib/tls/i686/cmov/libc-2.10.1.so
00451000-00452000 rw-p 00140000 08:01 295676 /lib/tls/i686/cmov/libc-2.10.1.so
00452000-00455000 rw-p 00000000 00:00 0
00462000-00463000 r-xp 00000000 00:00 0 [vdso]
00b09000-00bef000 r-xp 00000000 08:01 196485 /usr/lib/libstdc++.so.6.0.13
00bef000-00bf3000 r--p 000e6000 08:01 196485 /usr/lib/libstdc++.so.6.0.13
00bf3000-00bf4000 rw-p 000ea000 08:01 196485 /usr/lib/libstdc++.so.6.0.13
00bf4000-00bfb000 rw-p 00000000 00:00 0
00ca9000-00cc4000 r-xp 00000000 08:01 294662 /lib/ld-2.10.1.so
00cc4000-00cc5000 r--p 0001a000 08:01 294662 /lib/ld-2.10.1.so
00cc5000-00cc6000 rw-p 0001b000 08:01 294662 /lib/ld-2.10.1.so
00df3000-00e0f000 r-xp 00000000 08:01 294351 /lib/libgcc_s.so.1
00e0f000-00e10000 r--p 0001b000 08:01 294351 /lib/libgcc_s.so.1
00e10000-00e11000 rw-p 0001c000 08:01 294351 /lib/libgcc_s.so.1
00f96000-00fba000 r-xp 00000000 08:01 295680 /lib/tls/i686/cmov/libm-2.10.1.so
00fba000-00fbb000 r--p 00023000 08:01 295680 /lib/tls/i686/cmov/libm-2.10.1.so
00fbb000-00fbc000 rw-p 00024000 08:01 295680 /lib/tls/i686/cmov/libm-2.10.1.so
08048000-0804c000 r-xp 00000000 08:01 140980 /home/user/playfair
0804c000-0804d000 r--p 00003000 08:01 140980 /home/user/playfair
0804d000-0804e000 rw-p 00004000 08:01 140980 /home/user/playfair
08718000-08739000 rw-p 00000000 00:00 0 [heap]
b76f7000-b76f9000 rw-p 00000000 00:00 0
b7709000-b770b000 rw-p 00000000 00:00 0
bfabe000-bfad3000 rw-p 00000000 00:00 0 [stack]
Aborted
Disch (13742)
Hrm.... I've never seen the term "stack smashing" before. That's weird. I'm assuming that means "stack corruption". I was actually hoping it would print the variable around which the corruption occurred. Oh well.


I see two problems related to your "alphabets" array.

#1: It's possible for you to step out of bounds of this array and write more than 24 characters to it, which would cause stack corruption.

#2: You're not null terminating it, so when you return it as a string, the string likely is reaching past the array bounds and taking corrupted memory and interpretting it as string data.



Both of these problems can be solved by using a string rather than a char array.

1
2
3
4
5
6
7
8
9
10
 
// Remove this:
  char alphabets[24];
  int i=0;

// ...
          alphabets[i]=keyWord[runCounter];
          i++;
// ...
              alphabets[i]=97+asciiValue;
              i++;

1
2
3
4
5
6
7
8
 
// Replace with this:
  string alphabets;

// ...
          alphabets += keyWord[runCounter];

// ...
              alphabets += 'a' + asciiValue; // use literal 'a' instead of 97 to be more clear

CLearner88 (123)
thanks alot. The conversion did the trick! but i was wondering why the previous code works on windows but not on ubuntu linux?
Disch (13742)
You were getting "lucky". Accessing bad memory may or may not "work". Behavior is undefined.
Topic archived. No new replies allowed.