Based on C language in the field pointer in depth analysis
- 2020-04-02 01:07:58
- OfStack
There are two main causes of "wild pointer" :
(1) pointer variable is not initialized. Any pointer variable does not automatically become a NULL pointer when it is first created, its default value is random, and it will point randomly. Therefore, pointer variables should be initialized at the time of creation, either by setting the pointer to NULL or by letting it point to valid memory. For example,
(2) after the pointer p is free or delete, it is not set to NULL, which makes people mistakenly think that p is a legitimate pointer. See section 7.5.
Although the names free and delete are vicious (especially delete), they only free the memory that the pointer refers to, but they do not kill the pointer itself.
Trace example 7-5 with the debugger, and find that the address of pointer p is still the same (not NULL) after it is free, but the memory corresponding to the address is garbage, and p becomes "wild pointer". If you don't set p to NULL at this point, you'll be mistaken for a valid pointer.
If the program is long, we sometimes can't remember whether the memory p refers to has been freed or not. Before continuing to use p, we usually use the phrase if (p! = NULL) for error-proof handling. Unfortunately, the if statement is not error-proof at this point, because even if p is not a NULL pointer, it does not point to a valid block of memory.
Examples 7-5 p become wild Pointers
(3) pointer operation goes beyond the scope of variables. It's hard to guard against this. Here's a sample program:
The function Test executes statement p- > Func(), object a has disappeared and p is pointing to a, so p becomes a "wild pointer". But it's strange that I didn't make an error when I ran this program, which may have something to do with the compiler.
Example program:
The running screenshot is as follows:
< img Alt = "" border = 0 SRC =" / / files.jb51.net/file_images/article/201307/201307111110216 ">
As you can see, although using free(p) frees up the address space pointed to by p, the pointer still exists, except that it points to "garbage" memory.
The state of p is called a wild pointer.
(1) pointer variable is not initialized. Any pointer variable does not automatically become a NULL pointer when it is first created, its default value is random, and it will point randomly. Therefore, pointer variables should be initialized at the time of creation, either by setting the pointer to NULL or by letting it point to valid memory. For example,
char *p = NULL;
char *str = (char *) malloc(100);
(2) after the pointer p is free or delete, it is not set to NULL, which makes people mistakenly think that p is a legitimate pointer. See section 7.5.
Although the names free and delete are vicious (especially delete), they only free the memory that the pointer refers to, but they do not kill the pointer itself.
Trace example 7-5 with the debugger, and find that the address of pointer p is still the same (not NULL) after it is free, but the memory corresponding to the address is garbage, and p becomes "wild pointer". If you don't set p to NULL at this point, you'll be mistaken for a valid pointer.
If the program is long, we sometimes can't remember whether the memory p refers to has been freed or not. Before continuing to use p, we usually use the phrase if (p! = NULL) for error-proof handling. Unfortunately, the if statement is not error-proof at this point, because even if p is not a NULL pointer, it does not point to a valid block of memory.
char *p = (char *) malloc(100);
strcpy(p, " hello " );
free(p); //P's memory is freed, but p's address remains the same
...
if(p != NULL) //It's not error-proof
{
strcpy(p, " world " ); //error
}
Examples 7-5 p become wild Pointers
(3) pointer operation goes beyond the scope of variables. It's hard to guard against this. Here's a sample program:
class A
{
public:
void Func(void){ cout << " Func of class A " << endl; }
};
void Test(void)
{
A *p;
{
A a;
p = &a; //Notice the lifetime of a
}
p->Func(); //P is the wild pointer.
}
The function Test executes statement p- > Func(), object a has disappeared and p is pointing to a, so p becomes a "wild pointer". But it's strange that I didn't make an error when I ran this program, which may have something to do with the compiler.
Example program:
#include <stdio.h>
#include <stdlib.h>
int main(int argc, char *argv[])
{
char *p = NULL;
p = (char*)malloc(sizeof(char)*100);
printf(" Pointer to the p Is: %pn", p);
strcpy(p, "Hello");
printf("%sn", p);
free(p);
printf(" Pointer to the p Is: %pn", p);
system("PAUSE");
return 0;
}
The running screenshot is as follows:
< img Alt = "" border = 0 SRC =" / / files.jb51.net/file_images/article/201307/201307111110216 ">
As you can see, although using free(p) frees up the address space pointed to by p, the pointer still exists, except that it points to "garbage" memory.
The state of p is called a wild pointer.