Home/ Questions/Q 3607482
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-18T21:22:52+00:00

I’ve been using pointers more and more in my programs, and while reading up

  • 0

I’ve been using pointers more and more in my programs, and while reading up about pointers, every single guide or tutorial I found said that incorrect use of pointers could yield ‘disastrous’ results.

Now, I’ve had a few cases of some big memory leaks, and pointers dereferencing a wrong pointer variable, returning an incorrect value, but other than that nothing ‘disastrous’ has ever occurred; like my computer and/or other programs crashing.

Can someone give me a simple code example that will definitely yield ‘disastrous’ results, perhaps with some back-story of what happened, in case you’ve ever accidentally used that piece of code? By ‘disastrous’ results, I mean code that might interfere with other programs or the OS, and possibly make them crash.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Incorrect pointer arithmetic can lead to disasters too, because getting the bounds wrong leads to buffer overflows, and buffer overflows lead to corrupted data, for example stack smashing:

    void test_fun(int i)
    int x[5];
    for (int *p = x; p < x+10; ++p) { // obvious error, some are more subtle
        *p = i;
    }
    return; // execution may resume at address `i`, with entertaining results
}

    Of course, you can make the same mistake just calling strcpy or memcpy[*], you don’t have to be doing the pointer arithmetic yourself. If an attacker controls the value of i (perhaps because it’s read from an input file, and the attacker crafts a malicious file), then you could have worse than a crash on your hands. In combination with more platform-specific tricks, the attacker might be able to arrange that returning to i eventually ends up executing code supplied by the attacker.

    [*] or strncpy, or strlcpy, or strcpy_s, or std::copy, before anyone starts. Once you’ve got a bound wrong somehow, then supplying that wrong bound to a bounds-checking function is still wrong…

    • 0