Quesion:

My question arises from one of my c++ exercises (from Programming Abstraction in C++, 2012 version, Exercise 12.2). Here it is:

void strcpy(char *dst, char *src) {

    while (*dst++ = *src++);

}

The definition of strcpy is dangerous. The danger stems from the fact that strcpy fails to check that there is sufficient space in the character array that receives the copy, thereby increasing the chance of a buffer-overflow error. It is possible, however,
to eliminate much of the danger by using dynamic allocation to create memory space for the copied string. Write a function

char *copyCString(char *str);

that allocates enough memory for the C-style string str and then copies the characters—along with the terminating null character—into the newly allocated memory.

Here's my question: Is this new method really safe? Why it's safe? I mean, to be a little bit radical, what if there isn't enough space in the heap? Is the new operator
able to check for space availability and fall in an elegant way if there isn't enough space? Will that cause other kind of "something-overflow"?

Answer:

If new fails
to allocate the requested memory, it's supposed to throw a std::bad_alloc exception
(but see below for more). After that, the stack will be unwound to the matching exception handler, and it'll be up to your code to figure out what to do from there.

If you really want/need to assure against an exception being thrown, there is a nothrow version
of new you
can use that will return a null pointer to signal failure--but this is included almost exclusively for C compatibility, and not frequently used (or useful).

For the type of situation cited in the question, you normally want to use std::string instead
of messing with allocating space yourself at all.

Also note that on many modern systems, the notion of new either throwing
or returning a null pointer in case of failure, is really fairly foreign. In reality, Windows will normally attempt to expand the paging file to meet your request. Linux has an "OOMKiller" process that will attempt to find "bad" processes and kill them to
free up memory if you run out.

As such, even though the C++ standard (and the C standard) prescribe what should happen if allocation fails, that's rarely what happens in real life.

c++: Does the new operator for dynamic allocation check for memory safety?的更多相关文章

  1. Pointers and Dynamic Allocation of Memory

    METHOD 1: Consider the case where we do not know the number of elements in each row at compile time, ...

  2. Android 性能优化(23)*性能工具之「Heap Viewer, Memory Monitor, Allocation Tracker」Memory Profilers

    Memory Profilers In this document Memory Monitor Heap Viewer Allocation Tracker You should also read ...

  3. lwIP Memory Management

    http://lwip.wikia.com/wiki/Lwipopts.h Memory management (RAM usage) /** * MEM_LIBC_MALLOC==1: Use ma ...

  4. PatentTips - Systems, methods, and devices for dynamic resource monitoring and allocation in a cluster system

    BACKGROUND  1. Field  The embodiments of the disclosure generally relate to computer clusters, and m ...

  5. Pooled Allocation(池式分配)实例——Keil 内存管理

    引言:说到动态申请(Dynamic Allocation)内存的好处,学过C/C++的人可能都有体会.运行时的灵活申请自然要比编码时的猜测好的多.而在内存受限情况下这种灵活性又有特别的好处--能让我们 ...

  6. 内存管理(memory allocation内存分配)

    Memory management is the act of managing computer memory. The essential requirement of memory manage ...

  7. C++ operator overload -- 操作符重载

    C++ operator overload -- 操作符重载 2011-12-13 14:18:29 分类: C/C++ 操作符重载有两种方式,一是以成员函数方式重载,另一种是全局函数. 先看例子 # ...

  8. dynamic详解

    一.简介 在通过 dynamic 类型实现的操作中,该类型的作用是绕过编译时类型检查, 改为在运行时解析这些操作. dynamic 类型简化了对 COM API(例如 Office Automatio ...

  9. Memory Allocation with COBOL

    Generally, the use of a table/array (Static Memory) is most common in COBOL modules in an applicatio ...

随机推荐

  1. python信息收集之子域名

    python信息收集之子域名 主要是以下3种思路: 字典爆破 搜索引擎 第三方网站 0x00 背景知识 list Python内置的一种数据类型是列表:list是一种有序的集合. >>&g ...

  2. [solution] JZOJ-5458 质数

    [solution] JZOJ-5458 质数 题面 Description 小X 是一位热爱数学的男孩子,在茫茫的数字中,他对质数更有一种独特的情感.小X 认为,质数是一切自然数起源的地方. 在小X ...

  3. Codeforces791 B. Bear and Friendship Condition

    B. Bear and Friendship Condition time limit per test 1 second memory limit per test 256 megabytes in ...

  4. 重新编译安装swoole支持OpenSSL

    1.下载:wget http://pecl.php.net/get/swoole-1.9.22.tgz 2.解压:tar zxvf swoole-1.9.22.tgz 3.扩展模块:cd swoole ...

  5. 二进制加法Java实现

    二进制整数的Java实现 任意两个二进制数(不论在什么位置)相加,只可能出现4种情况.它们是: 0+0=0 1+0=0+1=1 1+1=10=0+向高一位的进位1 1+1+1=11=1+向高一位的进位 ...

  6. 简单的Poc Exp编写(上)

    简单的POC EXP 编写 (上)   作者BY Greekn   今天主要讲的 是关于web 方面的 poc 编写 关于web 安全 个人理解的话 一个就是攻击  另一个就是漏洞挖掘了 防御的话 看 ...

  7. 前端自动化部署方案-实践(配合shell)

    以下实例项目为vue项目,其他项目当然也雷同咯 在项目中建一个这个么脚本文件 不说了,上代码 #!/bin/sh handle=$1; env=$2; # 远程部署机 webhook # 如果用远程机 ...

  8. Dispatch Queue 之 Invoke 当前队列

  9. vue中子组件通过$parent操作父组件的参数或者方法

    先看一个简单的demo: 父组件添加一个弹框,弹框的内容是另外导入的一个子组件: <Modal v-model="accountDetailsModal" class=&qu ...

  10. [视频]K8飞刀 WordPress XSS添加管理员 & GetShell 教程

    [视频]K8飞刀 WordPress  XSS添加管理员 & GetShell 教程 https://pan.baidu.com/s/1hq4LsmK