Leetcode报错:AddressSanitizer: heap-buffer-overflow on address 0x619000001d69 at pc 0x0000004024cf bp 0x7ffdb04bee90 sp 0x7ffdb04bee80
先看一下题目
5.最长回文子串
给定一个字符串 s,找到 s 中最长的回文子串。你可以假设 s 的最大长度为 1000。
然后看一下代码:.
#define MAXSIZE 1000
//获得串s的反串
char* GetReserve(char* s,int nlen)
{
//申请nlen+1大小的空间,最后一位放'\0',strlen只计算字符的长度不包含'\0',是个函数
char* p = (char*)malloc(sizeof(char)*(nlen+1));
int i = 0; //从头开始
int j = nlen-1; //从尾开始
while(i < nlen)
{
p[i] = s[j]; //将尾部的值赋值到头
i++;
j--;
}
p[i] = '\0'; //字符串结束符
return p;
}
//判断子串是否是回文,是返回1,不是返回0
int IfPlalindrome(char* s)
{
int len = strlen(s);
int low = 0;
int high = len - 1;
//奇数个字符 中间字符不用管,即最后low = high;偶数字符:low > high
while(low < high)
{
if(s[low] == s[high]) //头尾相等是回文的条件
{
low++;
high--;
}
else
return 0;
}
return 1;
}
char * longestPalindrome(char * s){
int nlen;
char* str = (char*)malloc(sizeof(char)*(MAXSIZE + 1)); //存放最长回文子串
char* str1= (char*)malloc(sizeof(char)*(MAXSIZE + 1)); //存放每次循环产生的子串
char* p;
int i,j,k,m,n;
unsigned int max = 0; //最大值
nlen = strlen(s);
p = GetReserve(s,nlen); //反串
for(i = 0; i < nlen; i++)
{
for(j = 0; j < nlen; j++)
{
m = i;
n = j;
k = 0;
while(s[m] == p[n])
{
str1[k] = s[m];
m++;
n++;
k++;
if(n == nlen || m == nlen) //防止数组越界
break;
}
str1[k] = '\0';
if(IfPlalindrome(str1)) //是否回文
{
if(strlen(str1) > max)
{
max = strlen(str1);
strcpy(str,str1);
}
}
}
}
return str;
}
这是Leetcode给的报错:
=================================================================
==45==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x619000001d69 at pc 0x0000004024cf bp 0x7ffdb04bee90 sp 0x7ffdb04bee80
READ of size 1 at 0x619000001d69 thread T0
#3 0x7f6c8d3e282f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
0x619000001d69 is located 0 bytes to the right of 1001-byte region [0x619000001980,0x619000001d69)
allocated by thread T0 here:
#0 0x7f6c8e3fe078 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x10c078)
#3 0x7f6c8d3e282f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
Shadow bytes around the buggy address:
0x0c327fff8350: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c327fff8360: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c327fff8370: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c327fff8380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c327fff8390: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c327fff83a0: 00 00 00 00 00 00 00 00 00 00 00 00 00[01]fa fa
0x0c327fff83b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c327fff83c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c327fff83d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c327fff83e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c327fff83f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
Shadow gap: cc
==45==ABORTING