Buffer Overflow

I'm not new to C++ programming. Just trying to review my programing skills so I tried to create a program that will compute for the BMI (Body Mass Index) and produce a Patient Report (That will contain the information of all patients). There will be a auto generating Patient No. So if it's the first time you run the program, the patient number will be zero. But if you run the program again, the patient number should be the last patient number (let's say the last patient is number 5, so the next time I run the program, the patient number will be number 6). I used the file "PatientReport.txt" to get the last patient number and increment it so that I can get the next number.

I'm using MS Visual Studio 2010 PRO....
So I got it (quite) working... The first time I run the program, it runs perfectly... But when I tried to run it again, yes I can still run it... but when I tried to exit the program, a error window appears with this note "Run-Time Check Failure #2 - Stack around the variable 'autonumber' was corrupted." if i continue, it shows the buffer overflow error

When I looked at the debug notes I can see
pr 0x53b4e4f8 {_ptr=0x00000000 <Bad Ptr> _cnt=0 _base=0x00000000 <Bad Ptr> ...} _iobuf *

There's a 0x00000000 <Bad Ptr> at _base _ptr and _tmpfname with CXX0030: Error: expression cannot be evaluated

I hope that anyone here can help me solve this Stack around the variable 'autonumber' was corrupted error

Last edited on
When the file does not exist, you create it and then close it. Shouldn't you open it again for reading?
The error that causes stack corruption is likely the one on line 60, as gcc dutifully tells me (after i fixed other errors, like main returning "void")

fscanf(pr,"%[^\n]",&autonumber);
test.cc:60:34: warning: format ‘%[^
’ expects argument of type ‘char*’, but argument 3 has type ‘int*’ [-Wformat]
Last edited on
@Telion
why would I open it for reading? I used append so that I can include a new line at the text file if I don't the outcome will be.
Patient Number Name BMI AssesmentPatient Number Name BMI Assesment

It should add a new line so that the Next patient will be added at the next line

@Cubbi
Oh... thanks!.. I tried to look at that line and it seems that it causes the stack corruption

What I want to do is to get the last Patient Number so I used that code..
My objective is that I need to get the last patient number and use it so that I can just increment and it will be the next patient number

1 Name BMI Assesment
2 Name BMI Assesment


I need to get the number 2 because that's the last patient number.... How can I do that?
I tried to use the code fscanf(pr,"%[^\n]",&autonumber); but it causes the error...
Last edited on
Never mind about reopening the file. I misread the code.

The real problem is that you're using c-style IO. Remove the stdio.h header and change all the code that uses it. Instead of using FILE* and fscanf, use fstream. Stream IO is much more expressive than format strings.

You should also stop opening and closing the same file over and over. Open it for reading and writing once, and if you need to append just call seekp.

I don't know of any simple, fast way to get the first character on the last line. You could try starting from the end of the file and searching backwards for a newline character. The character before (after) that newline is the patient number.
I don't know of any simple, fast way to get the first character on the last line. You could try starting from the end of the file and searching backwards for a newline character. The character before (after) that newline is the patient number.


So I changed the faulty fscanf(pr,"%[^\n]",&autonumber); to fseek and I just figured out how will I code it and it worked.. no more stack corrupted error haha.. Thanks!

I'm not really familiar of using fstream. I always use fscanf and FILE* from stdio.h

Now I'll try to think how will I apply seekp to reduce opening and closing the same file..

The real problem is that you're using c-style IO. Remove the stdio.h header and change all the code that uses it. Instead of using FILE* and fscanf, use fstream. Stream IO is much more expressive than format strings.


No, it is not. It's one of the most flawed standard library part. And additionally - pretty slow compared to standard C API and also quite limited in functionality (actually more limited than even Java). There is no point in using it except for masturbating yourself "yeah, I'm a pro, I use C++". LOL.

Yossi Kreinin wrote:

The only thing you'll gain from all this extra typing is extra long build cycles and error messages and extra large program image. This is what you get when you shift a file object by an integer


C:
 
printf("0x%08x\n", x);


Java:
 
out.printf("0x%08x\n", x);


WTF:
 
std::cout << std::hex << std::setfill('0') << std::setw(8) << x << std::dec << std::endl; 

C API is somehow tricky to use, however when you know some simple rules how to avoid buffer overruns, it is much more readable and maintainable, and what is most important: it lets you separate formatting from actual data writing.
Last edited on
@rapidcoder you're trolling again, but in case there's something interesting about Java that I didn't know,

quite limited in functionality (actually more limited than even Java)

give examples of Java I/O allowing arbitrary user-defined filtering, conversion, and compression, arbitrary user-defined state (e.g. like in C++ when you pass state from custom IO manipulator to custom operator>>), arbitrary data sources and sinks? Or allows treatment of I/O streams as iterable containers? Granted, I don't know Java all that much, but I/O streams are the *most* customizable and extensible part of the C++ standard library.

C API [...] is much more readable and maintainable

If you're using it to I/O values of a few arithmetic types well supported in C, using the few well-supported formatting and parsing options, maybe. But even in C it quickly turns into an unreadable mess of macros interspersed with string literals when you try to get portable. Try to step into C++ and it becomes entirely useless.
Last edited on

give examples of Java I/O allowing arbitrary user-defined filtering, conversion, and compression, arbitrary user-defined state (e.g. like in C++ when you pass state from custom IO manipulator to custom operator>>), arbitrary data sources and sinks? Or allows treatment of I/O streams as iterable containers?


Yeah, this is one of the design flaws of iostream. They wanted to make it so generic and universal, that it is near to useless (combined with some serious design flaws like formatting being part of the stream's state). It also doesn't really matter to me that I can extend the iostream framework in (almost) any direction as I wish. I can do that with Java and C and even Basic as well. What matters is how many of useful features are supported out-of-the-box and how fast you can write code.

As for limitations vs Java and C. Just a few things from top of my head:

1. You can't get raw file descriptor from a file stream in order to call e.g. posix_fadvise.
2. UTF-8 and other popular encodings are not yet supported (gcc) or even they are, they are buggy.
3. What about asynchronous / nonblocking streams?
4. What about thread-safety, e.g. for logging purposes?


If you're using it to I/O values of a few arithmetic types well supported in C, using the few well-supported formatting and parsing options, maybe


It can be easily extended by adding new functions. It's been done for years.
Last edited on
Topic archived. No new replies allowed.