Thread: Server Programming in C: palloc() and pfree()

Server Programming in C: palloc() and pfree()

From
Rodrigo Hjort
Date:
I'm having some problems when using "pfree()" on functions in C.
Calling it on "psql" gives the exception below on both versions of function "insert()" [1,2] if "pfree()" is enabled:

server closed the connection unexpectedly
        This probably means the server terminated abnormally
        before or while processing the request.
conexão com servidor foi perdida
(connection to the server was lost)

The strange thing is that it doesn't happen with the function "delstr()" [3], which has "pfree()".
What could I be doing wrong?


// 1)
void insert(char *str, const int start, const char *piece)
{
   int lstr = strlen(str);
   int lnew = lstr + strlen(piece) + 1;
   char* temp = palloc(lnew);
   memset((void*) temp, 0, lnew);

   /*
   FILE *debug;
   debug = fopen("/dev/xconsole", "w");
   fprintf(debug, "insert('%s', %d, '%s')\n", str, start, piece);
   //fprintf(debug, "0) '%s'\n", temp);
   */

   if (start <= lstr + 1)
   {
      strncpy(temp, str, start - 1);
      strcat(temp, piece);
      char* ptr = str + start - 1;
      strcat(temp, ptr);
      strcpy(str, temp);
   }
// pfree(temp); // <-- here it doesn't work...

   /*
   fprintf(debug, "-> '%s'\n", str);
   fflush(debug);
   fclose(debug);
   */
}

// 2)
void insert(char *str, const int start, const char *piece)
{
   int i, j;
   char* temp = palloc(strlen(str) + strlen(piece) + 1);

   if (start - 1 <= strlen(str))
   {
      for (i = 0; i < start - 1; i++)
         temp[i] = str[i];

      for (j = i; j < strlen(piece) + i; j++)
         temp[j] = piece[j - i];

      for (; i < strlen(str); i++, j++)
         temp[j] = str[i];

      temp[j] = '\0';
      strcpy(str, temp);
   }
// pfree(temp); // doesn't work...
}

// 3)
void delstr(char *str, const int start, const int size)
{
   int i, j;
   char* temp = palloc(strlen(str) - size + 1);

   for (i = 0; (i < start - 1) && (i < strlen(str)); i++)
      temp[i] = str[i];

   for (j = start + size - 1; j < strlen(str); i++, j++)
      temp[i] = str[j];

   temp[i] = '\0';
   strcpy(str, temp);
   pfree(temp);  // <-- here it works!
}

--

Regards,

Rodrigo Hjort
GTI - Projeto PostgreSQL
CELEPAR - Cia de Informática do Paraná
http://www.pr.gov.br

Re: Server Programming in C: palloc() and pfree()

From
Martijn van Oosterhout
Date:
On Thu, Feb 09, 2006 at 04:16:51PM -0200, Rodrigo Hjort wrote:
> I'm having some problems when using "pfree()" on functions in C.
> Calling it on "psql" gives the exception below on both versions of function
> "insert()" [1,2] if "pfree()" is enabled:
>
> server closed the connection unexpectedly
>         This probably means the server terminated abnormally
>         before or while processing the request.
> conexão com servidor foi perdida
> (connection to the server was lost)
>
> The strange thing is that it doesn't happen with the function "delstr()" [3],
> which has "pfree()".
> What could I be doing wrong?

You haven't said how you are calling the functions. For example, did you
declare them as cstring or text? text is not null terminated but a
varlena struct. So if you use text you'll end up with buffer overruns.

Could you provide a complete example with SQL?
--
Martijn van Oosterhout   <kleptog@svana.org>   http://svana.org/kleptog/
> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
> tool for doing 5% of the work and then sitting around waiting for someone
> else to do the other 95% so you can sue them.

Re: Server Programming in C: palloc() and pfree()

From
Tom Lane
Date:
Rodrigo Hjort <rodrigo.hjort@gmail.com> writes:
> I'm having some problems when using "pfree()" on functions in C.

I think your pfree is just the bearer of bad news, ie, it's the victim
of a memory clobber that you've already executed.  Take another look at
your string manipulation --- that strncpy followed by strcat in
particular looks pretty dangerous, because strncpy doesn't guarantee
a trailing null.

[ looks again... ]  Hmm, not to mention that you are overwriting the
input "str", which is bad enough in itself, but you are doing so with
a string longer than the original.
        regards, tom lane
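
An added example, not part of the original thread: one way to write the insert so that it avoids both problems raised in the reply above, by building the result in a fresh buffer with explicit lengths and returning it instead of copying back over "str". malloc()/free() stand in for palloc()/pfree() so it builds outside the server; the name insert_copy and the sample strings are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-ins so the example builds outside the server; inside a
 * PostgreSQL C function these would be palloc() and pfree(). */
#define ALLOC(n) malloc(n)
#define FREE(p)  free(p)

/*
 * Return a newly allocated copy of str with piece inserted before the
 * 1-based position start. The input is never written to, so the result
 * can be longer than the caller's buffer without clobbering memory.
 * Returns NULL if start is out of range or allocation fails.
 */
char *insert_copy(const char *str, int start, const char *piece)
{
    size_t lstr = strlen(str);
    size_t lpiece = strlen(piece);
    size_t head;
    char *out;

    /* Reject positions before the first byte or past the terminator. */
    if (start < 1 || (size_t) start > lstr + 1)
        return NULL;
    head = (size_t) start - 1;

    out = ALLOC(lstr + lpiece + 1);
    if (out == NULL)
        return NULL;

    /* Copy by known length; nothing relies on an implicit trailing null. */
    memcpy(out, str, head);
    memcpy(out + head, piece, lpiece);
    memcpy(out + head + lpiece, str + head, lstr - head);
    out[lstr + lpiece] = '\0';
    return out;
}

int main(void)
{
    /* Constructed sample input. */
    char *r = insert_copy("abcdef", 3, "XY");
    if (r != NULL) { puts(r); FREE(r); }
    return 0;
}
```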