cmatsuoka/figlet

Invalid memory access on smushing

cmatsuoka opened this issue · 2 comments

Valgrind reports invalid memory access at smushing code:

==5623== Command: ./figlet blah
==5623== 
==5623== Invalid read of size 1
==5623==    at 0x804B3D8: addchar (figlet.c:1451)
==5623==    by 0x804C2AA: main (figlet.c:1985)
==5623==  Address 0x41d638f is 1 bytes before a block of size 80 alloc'd
==5623==    at 0x4025BD3: malloc (vg_replace_malloc.c:236)
==5623==    by 0x8048B1C: myalloc (figlet.c:257)
==5623==    by 0x804AAFC: linealloc (figlet.c:1235)
==5623==    by 0x804C0C8: main (figlet.c:1931)
==5623== 
==5623== Invalid write of size 1
==5623==    at 0x804B3EA: addchar (figlet.c:1450)
==5623==    by 0x804C2AA: main (figlet.c:1985)
==5623==  Address 0x41d638f is 1 bytes before a block of size 80 alloc'd
==5623==    at 0x4025BD3: malloc (vg_replace_malloc.c:236)
==5623==    by 0x8048B1C: myalloc (figlet.c:257)
==5623==    by 0x804AAFC: linealloc (figlet.c:1235)
==5623==    by 0x804C0C8: main (figlet.c:1931)
==5623== 

This is caused by a smushamount of -1.

Fixing it.

Fixed.

Smushing characters at the line start can cause the next character to
be copied to an offset before the start of the line buffer. In this
case, add an offset to source and copy to a valid destination position.
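The bounds problem and the fix described in the commit message above, as an added example in a simplified model. This is not FIGlet's code: `smush`, `unchecked_first_column` and `smush_append` are hypothetical names, the one-line smush rule is a toy assumption, and the inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Toy smush rule (assumption, not FIGlet's rule set): a blank yields. */
static char smush(char left, char right) {
    return right == ' ' ? left : right;
}

/* First destination column an unchecked loop would touch when it writes to
   line[linelen - overlap + k] starting at k = 0. A negative value means the
   access lands before the start of the buffer, as in the Valgrind report. */
long unchecked_first_column(size_t linelen, size_t overlap) {
    return (long)linelen - (long)overlap;
}

/* Hardened append. Overlaps the first `overlap` columns of `glyph` onto the
   tail of `line` (capacity `cap`, NUL included), then appends the rest.
   Returns the new length, or -1 if the result does not fit. */
long smush_append(char *line, size_t cap, const char *glyph, size_t overlap) {
    size_t linelen = strlen(line), glen = strlen(glyph);
    if (overlap > glen) overlap = glen;
    /* Columns that would land left of line[0]: skip them in the source. */
    size_t skip = overlap > linelen ? overlap - linelen : 0;
    size_t start = linelen - (overlap - skip);  /* cannot underflow */
    size_t newlen = linelen + glen - overlap;
    if (newlen + 1 > cap) return -1;            /* leave line untouched */
    for (size_t k = skip; k < overlap; k++)
        line[start + (k - skip)] = smush(line[start + (k - skip)], glyph[k]);
    memcpy(line + linelen, glyph + overlap, glen - overlap + 1); /* with NUL */
    return (long)newlen;
}

int main(void) {
    char line[80] = "";  /* constructed input: smushing at the line start */
    printf("unchecked column: %ld\n", unchecked_first_column(strlen(line), 1));
    smush_append(line, sizeof line, " /\\", 1);
    printf("hardened result: \"%s\"\n", line);
    return 0;
}
```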