What does "CRT detected that the application wrote to memory after end of heap buffer" mean?

Suppose you allocate a heap buffer:

char* buffer = malloc(5);

OK, buffer now points to five chars on the heap.

Suppose you write six chars into that buffer:

buffer[0] = 'a';
buffer[1] = 'b';
buffer[2] = 'c';
buffer[3] = 'd';
buffer[4] = 'e';
buffer[5] = '\0';

You have now corrupted the heap; you were only allowed to write five chars and you wrote six.

The program is now permitted to do anything whatsoever. It can work normally, it can crash, it can send all your passwords to hackers in China, anything.

Your implementation apparently chooses the best possible choice, which is "inform you that you made a mistake". You should be very, very happy that this is what happened, instead of any of the horrible alternatives. Unfortunately it informs you when the buffer is freed, and not when you made the mistake, but be happy that you got an error at all.

Author: user3699827

Updated on November 20, 2021

Comments

  • user3699827 over 2 years

    I am having trouble with this code. It breaks at the free(q->izv) function and I get a debug error saying:

    CRT detected that the application wrote to memory after end of heap buffer

    I have no idea what that means, so I would be grateful for any help I get.

        #include <stdlib.h>   /* free */
        #include <string.h>   /* strcmp */

        typedef struct izvodjaci{
            char *izv;                /* performer name */
            int broj;
            struct izvodjaci *sled;   /* next node in the list */
        }IZV;

        /* Walk the list and free every node. */
        void obrisi_i(IZV *p){
            while (p){
                IZV *q;
                q = p;
                p = p->sled;
                /* The name is freed only when it compares equal to "UNKNOWN". */
                if (!strcmp(q->izv,"UNKNOWN")) free(q->izv);
                free(q);
            }
        }

    Thanks in advance

  • user3699827 about 10 years
    Thank you. You were right. I miscalculated and I used one space more than I allocated.
  • user3699827 about 10 years
    I rewrote almost everything except that... This is the first time I made that mistake, so I haven't seen that error message before, so I kinda panicked. And thanks for the tips.
  • saurabheights about 9 years
    Hi Eric, this was amazing. I kinda used strlen while copying from src char* to dest char*. Can you tell me why the Visual Studio compiler finds this corruption issue during free, instead of when I ended up writing out of the memory bounds?
  • Eric Lippert about 9 years
    @user1874627: This is a question-and-answer site for specific questions about actual code, and what you've got there is a specific question about actual code, so I encourage you to (1) search to see if it is answered already, and if not (2) post a question!
  • Eric Lippert about 9 years
    @user1874627: That said, think about it like this: suppose you are developing a compiler for a C-like language. Describe to me how you would implement the feature you are suggesting: detection of out-of-bounds writes to an arbitrary place in an arbitrary memory buffer at the time of writing. The feature cannot be implemented by magic; you have to generate code for it. What would that code look like? It doesn't have to be at the assembly code level; try describing it in terms of a high-level language.
  • Eric Lippert about 9 years
    @user1874627: If you're having trouble getting started, here's an easier problem. Suppose you were generating code for detection of out-of-bounds writes to an arbitrary offset in a memory buffer, but you know that the offset is from the start of the buffer. How would you write the out-of-bounds-on-write detection in that case? Both problems are solvable but this one is much easier.
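To make the free-time check concrete, here is a small model of a guarded allocator, added as an example and not code from the answer, the comments, or the CRT itself: every block gets a guard pattern after its user bytes, and free compares that pattern before releasing the block. The names (guarded_malloc, guarded_free, copy_string, GUARD) and the guard value are constructed for this example; the strlen-without-NUL case in copy_string reproduces the off-by-one described in the comments.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Guard bytes appended after every user allocation. The value is constructed
   for this example; the real CRT debug heap has its own layout and fill bytes. */
#define GUARD_SIZE 4
static const unsigned char GUARD[GUARD_SIZE] = { 0xFD, 0xFD, 0xFD, 0xFD };

/* Header in front of the user bytes so free can locate the guard. */
typedef struct { size_t size; } guard_hdr;

/* Allocate size user bytes followed by GUARD_SIZE guard bytes. */
static void *guarded_malloc(size_t size) {
    guard_hdr *h = malloc(sizeof *h + size + GUARD_SIZE);
    if (!h) return NULL;
    h->size = size;
    unsigned char *user = (unsigned char *)(h + 1);
    memcpy(user + size, GUARD, GUARD_SIZE);
    return user;
}

/* 1 if the guard is intact, 0 if something wrote past the end of the block. */
static int guard_intact(const void *p) {
    const guard_hdr *h = (const guard_hdr *)p - 1;
    const unsigned char *user = p;
    return memcmp(user + h->size, GUARD, GUARD_SIZE) == 0;
}

/* Free the block, checking the guard first. This is the moment the CRT
   reports the error: at free time, not at the offending write. */
static int guarded_free(void *p) {
    if (!p) return 1;
    int ok = guard_intact(p);
    if (!ok) fputs("detected write past end of heap buffer\n", stderr);
    free((guard_hdr *)p - 1);
    return ok;
}

/* Copy src into a fresh block. With room_for_nul == 0 the block is sized by
   strlen alone and strcpy's terminator lands on the guard: the off-by-one
   from the question. Returns 1 if free found the guard intact, else 0. */
static int copy_string(const char *src, int room_for_nul) {
    size_t n = strlen(src) + (room_for_nul ? 1 : 0);
    char *dst = guarded_malloc(n);
    if (!dst) return -1;
    strcpy(dst, src);          /* always writes strlen(src) + 1 bytes */
    return guarded_free(dst);
}
```

Because the overflow only clobbers the guard inside the model's own block, the check fires reliably; a real off-by-one can land on neighbouring heap metadata, which is why the CRT reserves its own guard region in debug builds.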