Heap corruption in C

c heap-corruption
Alan picture Alan · Oct 13, 2010 · Viewed 7.1k times · Source 
int main ()
{
    int * b;
    b = (int*) malloc (1);
    *b=110000;
    free (b);
    return 0;
}

Why does heap corruption happen at free (b);?

IMO, heap corruption already happens at *b=110000;.

Answer

Ned Batchelder picture Ned Batchelder · Oct 13, 2010

malloc()'s argument is the number of bytes to allocate. You need to use:

b = (int*) malloc(sizeof(int));

You've allocated too small a block, and then written more bytes to it than you've allocated, which overwrites bookkeeping information next to the block, corrupting the heap.

Related questions

Is there a way to mark a chunk of allocated memory readonly?

if I allocate some memory using malloc() is there a way to mark it readonly. So memcpy() fails if someone attempt to write to it? This is connected to a faulty api design where users are miss-using a const pointer …

Read More
Immediate detection of heap corruption errors on Windows. How?

I can't sleep! :) I have a reasonably large project on Windows and encountered some heap corruption issues. I have read all SO, including this nice topic: How to debug heap corruption errors?, however nothing was suitable to help me out-of-the-box. …

Read More
How do I determine the size of my array in C?

How do I determine the size of my array in C? That is, the number of elements the array can hold?

Read More