c++ memory-leaks char

cout is causing memory leak on printing address of pointer to char?


I have a very basic program to print the address of a pointer to char, but when I run this code it causes a memory leak.

I am using Termux on an Android device. The command I am using to run the file is g++ -Wall -Wextra -fsanitize=address -o out filename.cpp && ./out

#include <iostream>
using namespace std;

int main(void) {
  char ch = 'a';
  char *ptr = &ch;
  cout << ptr << endl;
  return 0;
}

Output:

=================================================================
==9156==ERROR: AddressSanitizer: stack-buffer-overflow on address 0xfffd3c71 at pc 0xf4de6974 bp 0xfffd3c30 sp 0xfffd3808
READ of size 9 at 0xfffd3c71 thread T0
    #0 0xf4de6970 in strlen out/lib/compiler-rt-arm/out/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:372:5
    #1 0x4cab5c in std::__ndk1::char_traits<char>::length(char const*) (/data/data/com.termux/files/home/dircpp/out+0x2b5c)
    #2 0x4ca144 in std::__ndk1::basic_ostream<char, std::__ndk1::char_traits<char>>& std::__ndk1::operator<<<std::__ndk1::char_traits<char>>(std::__ndk1::basic_ostream<char, std::__ndk1::char_traits<char>>&, char const*) (/data/data/com.termux/files/home/dircpp/out+0x2144)
    #3 0x4ca06c in main (/data/data/com.termux/files/home/dircpp/out+0x206c)
    #4 0xf4d0e61a in __libc_init (/apex/com.android.runtime/lib/bionic/libc.so+0x5a61a)

Address 0xfffd3c71 is located in stack of thread T0 at offset 17 in frame
    #0 0x4c9f30 in main (/data/data/com.termux/files/home/dircpp/out+0x1f30)

  This frame has 1 object(s):
    [16, 17) 'ch' <== Memory access at offset 17 overflows this variable
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-overflow out/lib/compiler-rt-arm/out/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:372:5 in strlen
Shadow bytes around the buggy address:
  0xf4af2730: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xf4af2740: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xf4af2750: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xf4af2760: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xf4af2770: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0xf4af2780: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1[01]f3
  0xf4af2790: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xf4af27a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xf4af27b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xf4af27c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0xf4af27d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==9156==ABORTING
Aborted

But the code works fine whenever I comment out the last printing line:

#include <iostream>
using namespace std;

int main(void) {
  char ch = 'a';
  char *ptr = &ch;
  //cout << ptr << endl;
  return 0;
}

It works fine if I use int instead of the char data type. This problem occurs only when I use the char type.


Solution

  • When you print a char *, C++ quite reasonably assumes you are printing a zero-terminated string. In your case, you do NOT have a zero-terminated string. It ran off into uninitialized memory trying to find the zero terminator. If you want to print the address, cast it to void *:

    cout << static_cast<void*>(ptr) << endl;
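
The overload behaviour described in the answer, as an added example that is not part of the original question or answer: it puts the address-printing cast next to a length-bounded write and the zero-terminated case where the `char*` overload is valid. The helper names and sample objects (`format_address`, `format_bytes`, `format_cstring`, `sample_ch`, `sample_str`) are assumptions made for the illustration.

```cpp
#include <cstddef>
#include <iostream>
#include <sstream>
#include <string>

// Constructed sample data (not from the original post).
const char sample_ch = 'a';     // a lone char: no terminator follows it
const char sample_str[] = "a";  // two bytes: 'a' and '\0'

// Address of the object: const void* selects the pointer overload of
// operator<<, which formats the pointer value and never dereferences it.
std::string format_address(const char* p) {
    std::ostringstream os;
    os << static_cast<const void*>(p);
    return os.str();
}

// Exactly n bytes starting at p: write() takes an explicit length, so no
// strlen() scan for a terminator takes place.
std::string format_bytes(const char* p, std::size_t n) {
    std::ostringstream os;
    os.write(p, static_cast<std::streamsize>(n));
    return os.str();
}

// The const char* overload: only valid when p points at a zero-terminated
// array, because it reads until it finds '\0'.
std::string format_cstring(const char* p) {
    std::ostringstream os;
    os << p;
    return os.str();
}

int main() {
    std::cout << "address:  " << format_address(&sample_ch) << '\n';
    std::cout << "one byte: " << format_bytes(&sample_ch, 1) << '\n';
    std::cout << "c-string: " << format_cstring(sample_str) << '\n';
    // format_cstring(&sample_ch) would repeat the out-of-bounds strlen()
    // read that AddressSanitizer reported in the question.
    return 0;
}
```

Built with `-fsanitize=address`, all three calls in `main` run without a report, because none of them reads past the object it was given.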