Why does my program throws SIGABRT when I try to delete[] array?

Question

I've run into a very annoying bug recently. When I try to delete[] the array that fileHeader points to, the program throws a SIGABRT signal.

One thing I want to specify is that this program runs without any problem in Microsoft Visual C++ 2012 with Microsoft C++ compiler, but has this bug in Code::Blocks with GCC compiler version 4.6

Here's the code related to this bug:

void Image::saveBMP(char fileName[])
{
    ofstream file(fileName, ios::binary);
    if(file.is_open())
    {
        char *fileHeader = setupFileHeader();
        char *imageHeader = setupImageHeader();
        char *imageData = setupImageData();

        file.write(fileHeader, 14);
        file.write(imageHeader, 40);
        file.write(imageData, height*width*4);
        delete[] fileHeader;
        delete[] imageHeader;
        delete[] imageData;

        file.close();
    }
}

char* Image::setupFileHeader()
{
     char *buffer = new char[14];
     unsigned fileSize = (unsigned)(width*height*4 + 54);

     for(int i = 0;i < 40;i++)
         buffer[i] = 0;

     buffer[0] = 'B';
     buffer[1] = 'M';
     buffer[10] = 54;

     for(int i = 0;i < 4;i++)
     {
         buffer[2+i] = (fileSize >> (i*8)) & 0xFF;
     }

     return buffer;
}

char* Image::setupImageHeader()
{
    char *buffer = new char[40];
    unsigned rawDataSize = (unsigned)(width*height*4);
    unsigned resolution = 2835; //pixels per meter

    for(int i = 0;i < 40;i++)
        buffer[i] = 0;

    buffer[0] = 40;
    buffer[12] = 1;
    buffer[14] = bpp;

    for(int i = 0;i < 4;i++)
    {
        buffer[4+i] = (width >> (i*8)) & 0xFF;
        buffer[8+i] = (-1*height >> (i*8)) & 0xFF;
        buffer[20+i] = (rawDataSize >> (i*8)) & 0xFF;
        buffer[24+i] = (resolution >> (i*8)) & 0xFF;
        buffer[38+i] = (resolution >> (i*8)) & 0xFF;
    }

    return buffer;
}

char* Image::setupImageData()
{
    unsigned rawDataSize = (unsigned)(width*height*4);
    char *buffer = new char[rawDataSize];

    int k = 0;
    for(int i = 0;i < height;i++)
        for(int j = 0;j < width;j++)
        {
            buffer[k++] = pixels[i][j].getBlueByte();
            buffer[k++] = pixels[i][j].getGreenByte();
            buffer[k++] = pixels[i][j].getRedByte();
        }

    return buffer;
}

I've checked, and at the moment when delete[] want's to do it's job, fileHeader correctly points to the array that should be deleted. And the file is created and has the correct format (it open's as a BMP image file), so the array's content is good.

I am really eager to find why this is happening, because I found it to be very strange...

Answer 1

 char *buffer = new char[14];
 unsigned fileSize = (unsigned)(width*height*4 + 54);

 for(int i = 0;i < 40;i++)
     buffer[i] = 0;

Here your are allocating the buffer of 14 char. While in loop you are filling the buffer for 40 iterations. It is "Array out of Bound" memory corruption.

It's just luck that is not crashing with VC++