Leetcode报错:AddressSanitizer: heap-buffer-overflow on address 0x619000001d69 at pc 0x0000004024cf bp 0x7ffdb04bee90 sp 0x7ffdb04bee80
先看一下题目
5.最长回文子串
给定一个字符串 s,找到 s 中最长的回文子串。你可以假设 s 的最大长度为 1000。
然后看一下代码:.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 | #define MAXSIZE 1000 //获得串s的反串 char* GetReserve(char* s,int nlen) { //申请nlen+1大小的空间,最后一位放'\0',strlen只计算字符的长度不包含'\0',是个函数 char* p = (char*)malloc(sizeof(char)*(nlen+1)); int i = 0; //从头开始 int j = nlen-1; //从尾开始 while(i < nlen) { p[i] = s[j]; //将尾部的值赋值到头 i++; j--; } p[i] = '\0'; //字符串结束符 return p; } //判断子串是否是回文,是返回1,不是返回0 int IfPlalindrome(char* s) { int len = strlen(s); int low = 0; int high = len - 1; //奇数个字符 中间字符不用管,即最后low = high;偶数字符:low > high while(low < high) { if(s[low] == s[high]) //头尾相等是回文的条件 { low++; high--; } else return 0; } return 1; } char * longestPalindrome(char * s){ int nlen; char* str = (char*)malloc(sizeof(char)*(MAXSIZE + 1)); //存放最长回文子串 char* str1= (char*)malloc(sizeof(char)*(MAXSIZE + 1)); //存放每次循环产生的子串 char* p; int i,j,k,m,n; unsigned int max = 0; //最大值 nlen = strlen(s); p = GetReserve(s,nlen); //反串 for(i = 0; i < nlen; i++) { for(j = 0; j < nlen; j++) { m = i; n = j; k = 0; while(s[m] == p[n]) { str1[k] = s[m]; m++; n++; k++; if(n == nlen || m == nlen) //防止数组越界 break; } str1[k] = '\0'; if(IfPlalindrome(str1)) //是否回文 { if(strlen(str1) > max) { max = strlen(str1); strcpy(str,str1); } } } } return str; } |
这是Leetcode给的报错:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 | ================================================================= ==45==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x619000001d69 at pc 0x0000004024cf bp 0x7ffdb04bee90 sp 0x7ffdb04bee80 READ of size 1 at 0x619000001d69 thread T0 #3 0x7f6c8d3e282f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) 0x619000001d69 is located 0 bytes to the right of 1001-byte region [0x619000001980,0x619000001d69) allocated by thread T0 here: #0 0x7f6c8e3fe078 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10c078) #3 0x7f6c8d3e282f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) Shadow bytes around the buggy address: 0x0c327fff8350: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c327fff8360: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c327fff8370: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c327fff8380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c327fff8390: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 =>0x0c327fff83a0: 00 00 00 00 00 00 00 00 00 00 00 00 00[01]fa fa 0x0c327fff83b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c327fff83c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c327fff83d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c327fff83e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c327fff83f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==45==ABORTING |