fwrite and "bad address" message 
Author Message
 fwrite and "bad address" message

Hi, Dear All

When I used function fwrite, I encountered the following message:

Bad address

Here's my C source:

#include <string.h>
#include <stdio.h>

#define BUFFSIZE 1024

int
main (void)
{
FILE *fp;
size_t n;
char data[BUFFSIZE];

if ((fp = fopen ("abc.txt", "w")) == NULL)
perror ("can not open abc.txt");

memset (&data[0], 0, sizeof (data));

if ((n = fwrite (&data[0], sizeof (data), 4, fp)) != 4)
perror ("fwrite error");

exit (0);

Quote:
}

if I modify the fwrite statement as follow:

if ((n = fwrite (&data[0], sizeof (data), 1, fp)) != 1)

No error message and file "abc.txt" was written correctly.  So
fwrite can not work with array?

Thanks in advance.

best regards,
Dai Yuwen
--



Mon, 20 Sep 2004 02:56:10 GMT  
 fwrite and "bad address" message
Quote:

> Hi, Dear All

> When I used function fwrite, I encountered the following message:

> Bad address
[-]
> int
> main (void)
> {
> FILE *fp;
> size_t n;
> char data[BUFFSIZE];

> if ((fp = fopen ("abc.txt", "w")) == NULL)
> perror ("can not open abc.txt");

[-]
perror() does not cause the application to exit, say you're
going to continue even where "abc.txt" could not be opened.
[-]
Quote:
> if ((n = fwrite (&data[0], sizeof (data), 4, fp)) != 4)
> perror ("fwrite error");

[-]
Wrong. See the fwrite(3c) as this means "write four times
the size of data (BUFFSIZE) from the buffer which starts
at address "&data[0]". Say after BUFFSIZE bytes fwrite()
tries to access "whatever" memory.

[-]

Quote:
> if I modify the fwrite statement as follow:

> if ((n = fwrite (&data[0], sizeof (data), 1, fp)) != 1)

> No error message and file "abc.txt" was written correctly.  So
> fwrite can not work with array?

[-]
See before - one time the size of data is fine of course, as
would be ...
fwrite( data, 1, sizeof(data) != sizeof(data) )
... say "write one byte sizeof(data) times".

Cheers,
Juergen

--
\ Real name     : Juergen Heinzl       \       no flames      /

--



Tue, 21 Sep 2004 04:15:15 GMT  
 fwrite and "bad address" message

Quote:

> When I used function fwrite, I encountered the following message:

> Bad address

> Here's my C source:

> #include <string.h>
> #include <stdio.h>

> #define BUFFSIZE 1024

> int
> main (void)
> {
> FILE *fp;
> size_t n;
> char data[BUFFSIZE];

> if ((fp = fopen ("abc.txt", "w")) == NULL)
> perror ("can not open abc.txt");

> memset (&data[0], 0, sizeof (data));
> if ((n = fwrite (&data[0], sizeof (data), 4, fp)) != 4)
> perror ("fwrite error");

> exit (0);
> }

> if I modify the fwrite statement as follow:

> if ((n = fwrite (&data[0], sizeof (data), 1, fp)) != 1)

> No error message and file "abc.txt" was written correctly.  So
> fwrite can not work with array?

Try indenting your source, and not with tabs.  When in doubt, read
the documentation.  The C standard (N869) says:

7.19.8.2  The fwrite function

Synopsis

[#1]
        #include <stdio.h>
        size_t fwrite(const void * restrict ptr,
                size_t size, size_t nmemb,
                FILE * restrict stream);

Description

[#2] The fwrite function writes, from the array  pointed  to
by  ptr,  up  to  nmemb  elements whose size is specified by
size, to the stream pointed to by stream.  The file position
indicator  for  the  stream  (if defined) is advanced by the
number of characters  successfully  written.   If  an  error
occurs,  the  resulting value of the file position indicator
for the stream is indeterminate.

Returns

[#3] The fwrite function  returns  the  number  of  elements
successfully  written, which will be less than nmemb only if
a write error is encountered.

..............

Now think about what you asked fwrite to do in both those
statements, and where it is supposed to get the data to write.
You might also think about the 'type' of the entity 'data', and
thus the meaning of "sizeof data".

--

   Available for consulting/temporary embedded and systems.
   (Remove "XXXX" from reply address. yahoo works unmodified)

--



Tue, 21 Sep 2004 04:15:21 GMT  
 fwrite and "bad address" message

Quote:

> fwrite can not work with array?

Sure it can, but you told it to write 4 times as much data
as the size of the whole array.
--



Tue, 21 Sep 2004 04:15:39 GMT  
 fwrite and "bad address" message


Quote:
> Hi, Dear All

> When I used function fwrite, I encountered the following message:

> Bad address

> Here's my C source:

> #include <string.h>
> #include <stdio.h>

> #define BUFFSIZE 1024

> int
> main (void)
> {
> FILE *fp;
> size_t n;
> char data[BUFFSIZE];

> if ((fp = fopen ("abc.txt", "w")) == NULL)
> perror ("can not open abc.txt");

> memset (&data[0], 0, sizeof (data));

> if ((n = fwrite (&data[0], sizeof (data), 4, fp)) != 4)

Here is your problem ----------------------^^^^
data is an array of BUFFSIZE bytes
sizeof data is BUFFSIZE -- sizeof (char) is by definition 1
you are asking fwrite() to write to the file fp 4 * BUFFSIZE bytes
from the buffer data.
However data[] is only defined from 0 to BUFFSIZE-1
reading beyond BUFFSIZE -1 is reading from memory space that
does not belong to your buffer.

if ((n = fwrite (data, sizeof (data), 1, fp)) != 1)
you could also

if ((n = fwrite (data,1, sizeof data,fp)) !=sizeof data)

Quote:
> perror ("fwrite error");

> exit (0);

return 0; /* since you promised to return an int */
Quote:

> }

> if I modify the fwrite statement as follow:

> if ((n = fwrite (&data[0], sizeof (data), 1, fp)) != 1)

> No error message and file "abc.txt" was written correctly.  So
> fwrite can not work with array?

Of course you can write out an array. You just should not
read from beyond the end of your buffer!

Roger...
--



Tue, 21 Sep 2004 04:15:41 GMT  
 fwrite and "bad address" message

Quote:
>Hi, Dear All

>When I used function fwrite, I encountered the following message:

>Bad address

>Here's my C source:

>#include <string.h>
>#include <stdio.h>

>#define BUFFSIZE 1024

>int
>main (void)
>{
>FILE *fp;
>size_t n;
>char data[BUFFSIZE];

>if ((fp = fopen ("abc.txt", "w")) == NULL)
>perror ("can not open abc.txt");

>memset (&data[0], 0, sizeof (data));

>if ((n = fwrite (&data[0], sizeof (data), 4, fp)) != 4)
>perror ("fwrite error");

>exit (0);

>}

>if I modify the fwrite statement as follow:

>if ((n = fwrite (&data[0], sizeof (data), 1, fp)) != 1)

>No error message and file "abc.txt" was written correctly.  So
>fwrite can not work with array?

Your original code causes a buffer overflow.  data is an array of
BUFFSIZE characters.  Therefore sizeof(data) is equal to BUFFSIZE.
Your fwrite statement says to start at the first character of data and
to write 4*BUFFSIZE bytes to the file.  data does not have that many
bytes.  When you get to the end of data, you attempt to access memory
which does not belong to you (or at least not to data).  That is
indeed a bad address.

<<Remove the del for email>>
--



Tue, 21 Sep 2004 04:15:50 GMT  
 fwrite and "bad address" message

Quote:

> char data[BUFFSIZE];
[...]
> if ((n = fwrite (&data[0], sizeof (data), 4, fp)) != 4)

This is seriously wrong. The second argument of fwrite is supposed to
be the size of one *element* of the array pointed to by the first
argument, not the size of the array as a whole.  Make that

        fwrite (data, sizeof(data[0]), 4, fp)

and you'll be on solid ground.  Note that data is the same as
&data[0], because the latter expands to &(*(data + 0)), and the &(*())
sequence of operators is a no-op, if applied to a valid pointer.

Quote:
> if ((n = fwrite (&data[0], sizeof (data), 1, fp)) != 1)

This is a bit fishy, too, but still better than your other try.  Here,
you should have written

        fwrite(&data, sizeof(data), 1, fp)

to more clearly incidate that this call is writing 1 copy of the whole
array 'data', not just some of its elements.

Quote:
> No error message and file "abc.txt" was written correctly.  So
> fwrite can not work with array?

It can --- if you call it correctly.
--

Even if all the snow were burnt, ashes would remain.
--



Tue, 21 Sep 2004 04:16:14 GMT  
 fwrite and "bad address" message
[...]

Quote:
> char data[BUFFSIZE];

> if ((fp = fopen ("abc.txt", "w")) == NULL)
> perror ("can not open abc.txt");

> memset (&data[0], 0, sizeof (data));

> if ((n = fwrite (&data[0], sizeof (data), 4, fp)) != 4)

You have just told fwrite() to write out 4 times the number of bytes
as are in the data[] array.  This is undefined behavior.  (Where did
you get the "4" from?)

[...]

Quote:
> if I modify the fwrite statement as follow:

> if ((n = fwrite (&data[0], sizeof (data), 1, fp)) != 1)

> No error message and file "abc.txt" was written correctly.

That is correct.  You are now writing exactly the number of bytes as
are in the data[] array.

--

+---------+----------------------------------+-----------------------------+
| Kenneth |     kenbrody at spamcop.net      | "The opinions expressed     |
|    J.   |                                  |  herein are not necessarily |
|  Brody  |    http://www.hvcomputer.com     |  those of fP Technologies." |
+---------+----------------------------------+-----------------------------+
GCS (ver 3.12) d- s+++: a C++$(+++) ULAVHSC^++++$ P+>+++ L+(++) E-(---)

    DI+(++++) D---() G e* h---- r+++ y?
--



Tue, 21 Sep 2004 04:16:37 GMT  
 
 [ 8 post ] 

 Relevant Pages 

1. Deleting with "fwrite()"

2. fwrite man page "error"

3. syslog() returns "bad file number"

4. "C-contest: 79 RECURSIVE (extremely bad:-)"

5. "address" of a bitfield

6. "Invalid Address specified to RtlFreeHeap(..)"

7. remove() vrs fopen("""w")

8. Displaying binary data as ascii "1"'s and "0"'s

9. Looking for "Shroud"/"Obfus"

10. ""help with TSR""

11. Parse trees and "("")"

12. Error "free"-ing "malloc"-ed memory

 

 
Powered by phpBB® Forum Software