Incorrect checksum for freed object on malloc

In read_response, you are probably overwriting the end of the buffer pointed to by buf.

The problem is that buf is a pointer, so sizeof(buf) will return the size of a pointer (probably 4 or 8 depending on your CPU). You are using sizeof as if buf were an array, which is not really the same thing as a pointer in C although they seem interchangeable in some contexts.

Instead of using sizeof, you need to be keeping track of the last size that you allocated for buf, and add BUF_SIZE to that each time you enlarge the buffer.

You should also consider that the read operation may be returning considerably fewer characters than BUF_SIZE on each call, so doing a realloc on buf in each iteration may be overkill. That probably won’t cause any problems for you in terms of correctness, though; it will just use more memory than it needs to.

I would do something more like the code below.

#define MIN_BUF_SPACE_THRESHOLD (BUF_SIZE / 2)

char *read_response(int sock) {
    int bytes_read;
    char *buf = (char*)malloc(BUF_SIZE);
    int cur_position = 0;
    int space_left = BUF_SIZE;

    if (buf == NULL) {
        exit(1); /* or try to cope with out-of-memory situation */
    }

    while ((bytes_read = read(sock, buf + cur_position, space_left)) > 0) {
        cur_position += bytes_read;
        space_left -= bytes_read;
        if (space_left < MIN_BUF_SPACE_THRESHOLD) {
            buf = realloc(buf, cur_position + space_left + BUF_SIZE);
            if (buf == NULL) {
                exit(1); /* or try to cope with out-of-memory situation */
            }
            space_left += BUF_SIZE;
        }
    }

This version has the advantage of not trying to allocate more space if the read call comes back with only a few bytes of data.

Related Posts:

  1. How to properly malloc for array of struct in C
  2. How to run valgrind with basic c example?
  3. difference between and
  4. Memory Clobbering Error
  5. Use of cudamalloc(). Why the double pointer?
  6. Valgrind: invalid read of size 4 -> sigsegv, works fine without valgrind and in visual studio
  7. Is there a good Valgrind substitute for Windows?
  8. Difference between sizeof(char) and sizeof(char *)
  9. Valgrind Invalid free() / delete / delete[] / realloc() in C
  10. How to allocate array of pointers for strings by malloc in C?
  11. realloc(): invalid next size when reallocating to make space for strcat on char *
  12. malloc(sizeof(int)) vs malloc(sizeof(int *)) vs (int *)malloc(sizeof(int))
  13. Difference between malloc and calloc?
  14. Incompatible implicit declaration of built-in function ‘malloc’
  15. Need more information about Aborted (core dumped)
  16. What is the cause of flexible array member not at end of struct error?
  17. How to initialize array to 0 in C?
  18. Sign extend a nine-bit number in C
  19. Warning: assignment from incompatible pointer type
  20. How do malloc() and free() work?
  21. Cache Simulator in C
  22. make: Nothing to be done for `all’
  23. Data argument not used by format strings in C
  24. execv vs execvp, why just one of them require the exact file’s path?
  25. expected expression before ‘{‘ token
  26. Setting std=c99 flag in GCC
  27. C Vector/ArrayList/LinkedList
  28. Convert char array to a int number in C
  29. What is the difference between %f and %lf in C?
  30. warning: initializer element is not computable at load time
  31. What is stdin in C language?
  32. error: ‘for’ loop initial declarations are only allowed in C99 mode [duplicate]
  33. c – warning: implicit declaration of function ‘printf’
  34. Flushing buffers in C
  35. Undefined Reference issues using Semaphores
  36. What is time(NULL) in C?
  37. How to compile makefile using MinGW?
  38. Portable way to check if directory exists [Windows/Linux, C]
  39. Allocating string with malloc
  40. How to use EOF to run through a text file in C?
  41. Valgrind complains with “Invalid write of size 8”
  42. Expression must be a pointer to a complete object type using simple pointer arithmetic
  43. Simple way to check if a string contains another string in C?
  44. What does “request for member ‘*******’ in something not a structure or union” mean?
  45. Segmentation fault (core dumped) due to fgets – I think
  46. C subscripted value is neither array nor pointer nor vector when assigning an array element value
  47. What does “request for member ‘*******’ in something not a structure or union” mean?
  48. Unknown ending signal when using debugger gdb
  49. error: too few arguments to function `printDay’ (C language)
  50. How to convert integer to char in C?
  51. Difference between “move” and “li” in MIPS assembly language
  52. How to empty a char array?
  53. What is the difference between array and enum in C ?
  54. Undefined reference to main – collect2: ld returned 1 exit status
  55. How can one see content of stack with GDB?
  56. What does the term “empty loop” refer to exactly in C and C++?
  57. Is there a way to have printf() properly print out an array (of floats, say)?
  58. What integer hash function are good that accepts an integer hash key?
  59. Proper way to empty a C-String
  60. malloc(): memory corruption
  61. How do you allow spaces to be entered using scanf?
  62. X86 assembly – Handling the IDIV instruction
  63. Pause screen at program completion in C
  64. Where is the header file on Linux? Why can’t I find ?
  65. Difference between fgets and fscanf?
  66. What is the difference between %g and %f in C?
  67. Why is the sizeof(int) == sizeof(long)?
  68. Can’t understand the working of getint() in C as per K&R
  69. Structure padding and packing
  70. Lua – Number to string behaviour
  71. Allocating char array using malloc
  72. Reading in double values with scanf in c
  73. Realloc Invalid Pointer in C
  74. What tools are there for functional programming in C?
  75. typedef fixed length array
  76. “-bash: gcc: command not found” using cygwin when compiling c?
  77. How to format strings using printf() to get equal length in the output
  78. In C, what exactly happens when you pass a NULL pointer to strcmp()?
  79. In C, what exactly happens when you pass a NULL pointer to strcmp()?
  80. What are the differences between if, else, and else if? 
  81. strtok segmentation fault
  82. Invalid write of size 1
  83. How to solve static declaration follows non-static declaration in GCC C code?
  84. Constructor for structs in C
  85. C Error: declaration shadows a local variable — Won’t let me repeatedly replace the value of my float variable
  86. MIPS to C Translation
  87. Pointer to 2D arrays in C
  88. Pointer to a string in C?
  89. gdb: No symbol “i” in current context
  90. Cross Platform C library for GUI Apps?
  91. Implicit function declarations in C
  92. Pre increment vs Post increment in array
  93. Convert long long to string in C?
  94. Error: Conversion to non-scalar type requested
  95. how to stop a loop arduino
  96. How to normalize a mantissa
  97. “Nothing to be done for makefile” message
  98. How to use shared memory with Linux in C
  99. When is it ok to use a global variable in C?
  100. What is the difference between signed and unsigned int

Leave a Comment