how does free() know how much to free?
Chengi Jimmy Kuo
cjkuo at locus.com
Fri Mar 1 08:58:27 AEST 1991
gah at hood.hood.caltech.edu (Glen Herrmannsfeldt) writes:
>Many free()'s store the length at the address right before the
malloc()
>allocated space. (Often aligned on a nice boundary.)
>If you reference element -1 in your malloc'ed array, you may
write into [-1] or [-2]
>destroy the length, and cause lots of strange effects.
Jimmy Kuo
--
cjkuo at locus.com
"The correct answer to an either/or question is both!"
More information about the Comp.lang.c
mailing list