一回紙で書いてメモリの動きを纏めて考えたほうがわかりやすいか? 
なるちゅー🩶✦︎ですわ!! 炉なるはいいぞ!!
かんこれの多摩と古鷹
は怖い。本気で@[email protected]
| Github | https://github.com/kazugmx |
:neko_robot_nya::nyaan:
- 197 Followers
- 226 Following
- 32.5K Posts
IT系のエンジニア職目指してる学生です。
なるちゅー🩶✦︎ですわ!! 炉なるはいいぞ!!
かんこれの多摩と古鷹
は怖い。本気で
@[email protected]
なるちゅー🩶✦︎ですわ!! 炉なるはいいぞ!!
かんこれの多摩と古鷹
は怖い。本気で@[email protected]
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define SAFETY_LIMIT 20000
int main(int argc, char *argv[], char *envp[])
{
int ctr = 0, input_val = 0;
int *heap_integers;
heap_integers = (int *)malloc(sizeof(int) * 10);
while (input_val != -1 && ctr < SAFETY_LIMIT)
{
// realloc on required time
if (!(ctr % 10))
{
int *tmp = (int *)realloc(heap_integers, sizeof(int) * (ctr + 10));
if (tmp == NULL)
{
free(heap_integers);
return 1;
}
heap_integers = tmp;
}
scanf("%d", &input_val);
heap_integers[ctr] = input_val;
ctr++;
}
for (int i = 0; heap_integers[i] != -1; i++)
printf("norm[%d-%p]: %d\n", i, &heap_integers[i], heap_integers[i]);
// prepare UAF
int *dangling = heap_integers;
// release from heap_integers;
free(heap_integers);
heap_integers = NULL;
printf("\n--- UAF(access to released memory) ---\n");
for (int i = 0; dangling[i] != -1; i++)
printf("UAF[%d-%p]: %d\n", i, &dangling[i], dangling[i]);
// sometimes allocated with malloc
int *p_new = (int *)malloc(sizeof(int) * (ctr + 10));
p_new[0] = 999;
printf("\n--- UAF (after realloc) ---\n");
printf("p_new=%p dangling=%p\n", p_new, dangling); // 同じアドレスか確認
for (int i = 0; i < ctr - 1; i++)
printf("UAF_after[%d-%p]: %d\n", i, &dangling[i], dangling[i]); // 999が見える?
memset(dangling, 0, sizeof(int) * (ctr + 1));
return 0;
}
ガチ丁寧にやるならreallocしたポインタ書き込む前にmemsetで初期化しないといけないのか
効率落ちるけどやるしかない?
効率落ちるけどやるしかない?
これ本来だったら構造体にしなくてもいいんだよな...
#include <stdio.h>
#include <string.h>
#include <limits.h>
#include <stdarg.h>
#include <stdbool.h>
#define STUDENT_DATACOUNT 4
typedef struct
{
int id;
char name[100];
int score;
} score;
void printArgs(int argc, char *argv[])
{
printf("argc: %d\n", argc);
for (int ctr = 0; ctr < argc; ctr++)
{
printf("argv[%d]: %s\n", ctr, argv[ctr]);
}
}
void setStudentScore(score *data, int id, char *name, int score)
{
data->id = id;
strcpy((*data).name, name);
data->score = score;
}
int main(int argc, char *argv[], char *envp[])
{
printArgs(argc, argv);
// init input data.
int id[] = {1, 2, 3, 4};
char *name[] = {
"Nobi_Nobita", "Minamoto_Shizuka", "Goda_Takeshi", "Honekawa_Suneo"};
int avgScores[] = {0, 90, 40, 7};
score scores[STUDENT_DATACOUNT];
for (int i = 0; i < STUDENT_DATACOUNT; i++)
{
setStudentScore(&scores[i], id[i], name[i], avgScores[i]);
}
if (argc - 1 < 1)
{
fprintf(stderr, "%s", "invalid argument.");
}
// write-file
FILE *file;
file = fopen(argv[1], "w+");
// write as CSV
for (int l_ctr = 0; l_ctr < STUDENT_DATACOUNT; l_ctr++)
{
fprintf(file, "%d,%s,%d\n", scores[l_ctr].id,scores[l_ctr].name,scores[l_ctr].score);
}
fclose(file);
return 0;
}
#include <stdio.h>
#include <limits.h>
#include <stdarg.h>
#include <stdbool.h>
typedef struct {
/*
* そりゃブツがついてる方が正だよなあ?
*/
char name[60];
int age;
int sex;
} person;
void set_info(person *,int);
void getInput(char *, ...);
void retrieveAll(person *,int);
int main(int argc, char *argv[], char *envp[])
{
person data_p[3];
set_info(data_p,3);
retrieveAll(data_p,3);
return 0;
}
void retrieveAll(person data[],int size){
for(int k = 0;k<size;k++){
printf("\nperson[%d], name: %s / age: %d /sex: %d\n",
k, data[k].name,data[k].age, data[k].sex );
}
}
void set_info(person *data,int size)
{
for(int i = 0;i<size;i++){
printf("person [%d] --",i);
getInput("name > %s",data[i].name);
getInput("age > %d",&data[i].age);
getInput("sex(1=male,0=female) > %d", &data[i].sex);
}
return;
}
void getInput(char *fmt, ...){
/*
* query param
* query_text , variable_to_input
*/
va_list ap;
va_start(ap,fmt);
for (int ctr = 0; fmt[ctr]; ctr++) {
if(fmt[ctr] == '%'){
ctr++;
switch (fmt[ctr]) {
case 'd': {
int *p = va_arg(ap, int*);
scanf("%d", p);
break;
}
case 's': {
char *p =va_arg(ap, char*);
scanf("%s",p);
break;
}
}
}
else{
putchar(fmt[ctr]);
}
}
va_end(ap);
return;
}
汚い書き方だな そのうち絶対バグ生む
#include <stdio.h>
#include <limits.h>
void searchMinMax(int *min,int *max, int *arr)
{
*min = INT_MAX;
*max = INT_MIN;
int* arr_ptr = arr;
while(*arr_ptr != -1){
if(*arr_ptr > *max) *max = *arr_ptr;
if(*arr_ptr < *min) *min = *arr_ptr;
arr_ptr++;
}
}
int main(int argc, char *argv[])
{
int minimum, maximum;
int values[11];
int *ptr = values;
do{
printf("input >");
scanf("%d",ptr);
ptr++;
} while (*(ptr-1) != -1);
printf("first scan--\n");
for(int i = 0;i<10;i++)
{
printf("%d: %d\n",i,values[i]);
}
printf("---------\n");
searchMinMax(&minimum,&maximum,values);
printf("min: %d",minimum);
printf("max: %d",maximum);
}