memcpy wrong int on copy back [closed]

Question

Closed. This question needs details or clarity. It is not currently accepting answers.

---

Want to improve this question? Add details and clarify the problem by editing this post.

Closed 9 years ago.

Improve this question

Here are two small programs, the first one returns correct results, the second one is not. They seem pretty much the same to me, but why is the second program returns wrong results? I mean test function should print the same values as in main, but in the second program it does not.

program #1

    #include<stdio.h>
#include<stdlib.h>
#include<string.h>
#include<arpa/inet.h>
#include<stdint.h>

int test(const char *buf)
{
    printf("TEST HERE\n");
    int c = 33;
    int d = 44;
    memcpy(&c, &buf+1, 4);
    memcpy(&d, &buf+5, 4);

    printf("c is %d\n", c);
    printf("d is %d\n", d);
}
int main()
{
    char *buf = malloc(100);
    char buf2[100];
    int a = 11;
    int b = 22;
    int c = 33;
    int d = 44;
    int i;
    for(i = 0; i < 100; i++)
    {
        buf[i] = 0;
        buf2[i] = 0;
    }
    buf[0] = 127;
    memcpy(buf+1, &a, 4);
    memcpy(buf+5, &b, 4);
    memcpy(&c, buf+1, 4);
    memcpy(&d, buf+5, 4);   
    printf("c is %d\n", c);
    printf("d is %d\n", d);
    memcpy(&buf2+1, &a, 4);
    memcpy(&buf2+5, &b, 4);
    memcpy(&c, buf+1, 4);
    memcpy(&d, buf+5, 4);   
    printf("c is %d\n", c);
    printf("d is %d\n", d);
    test(buf);
    test(buf2);
}

program #2

#include<stdio.h>
#include<stdlib.h>
#include<string.h>
#include<arpa/inet.h>
#include<stdint.h>
int test(const char *buf)
{
    printf("test here\n");
    int b = 55555;
    int d = 55555;
    memcpy(&b, &buf+1, 4);
    memcpy(&d, &buf+5, 4);
    printf("b is %d\n", b);
    printf("d is %d\n", d);

    return 0;
}
int main()
{
    int a = 11;
    int b = 22;
    int c = 33;
    int d = 44;
    char buf[100];
    int i;
    for(i = 0; i<100;i++)
    {
        buf[i] = 0;
    }
    memcpy(&buf+1, &a, 4);
    memcpy(&buf+5, &c, 4);
    memcpy(&d, &buf+5, 4);
    memcpy(&b, &buf+1, 4);
    printf("b is %d\n", b);
    printf("d is %d\n", d);
    test(buf);
    return 1;
}

program 1 output:

c is 11
d is 22
c is 11
d is 22
TEST HERE
c is 1
d is 22
TEST HERE
c is 1
d is 22

program 2 output:

b is 11
d is 33
test here
b is -1056904720
d is 0

after "test here"

b should be 11

d should be 33

Thanks to whoever can answer this question!

Answer 1

Your memcpy() in the test() function is wrong.

int test(const char *buf) {
                    ^^
                   a pointer !

   memcpy(&b, &buf+1, 4);
   memcpy(&d, &buf+5, 4);

You then take the address of the passed in pointer and add an offset to that, which wouldn't point anywhere valid. So you invoke undefined behavior, if your program #1 happens to work, you got lucky.

You must use:

memcpy(&b, buf+1, 4); memcpy(&d, buf+5, 4);

You have the same error in main(). In main you have char buf[100];, which is an array, and not a pointer. Your pointer arithmetic (&buf + 5) doesn't add 5 bytes to the start of buf but it adds 5*sizeof buf bytes to the pointer, and again you're copying bytes around to invalid space, outside your array. The code in main() must be:

memcpy(buf+1, &a, 4);
memcpy(buf+5, &c, 4);
memcpy(&d, buf+5, 4);
memcpy(&b, buf+1, 4);

Answer 2

Change the test function,

    int test(const char *buf)
    {
        printf("TEST HERE\n");
        int c = 33;
        int d = 44;
        memcpy(&c, buf+1, 4); // removed the & operator
        memcpy(&c, buf+1, 4); // removed the & operator

        printf("c is %d\n", c);
        printf("d is %d\n", d);
    }

also in main

 memcpy(buf2+1, &a, 4); // removed the & operator
 memcpy(buf2+5, &b, 4); // removed the & operator