Dangling pointers in C
Dangling pointers in C: A pointer is a variable that stores the memory address of other variables. The pointers may also store the address of other’s memory items. They are of great help when it comes to dynamic memory allocation. A dangling pointer, on the other hand, points to a non-existential variable or a memory location. The dangling pointer may point to a variable or a memory location that might have been freed.
These pointers come into existence when the object or a variable or a memory location has been deleted or deallocated without modifying the value of that particular pointer.
In the C standard involving C pointers, many common bugs are occurred due to the pointers and managing the dangling pointers. Often, a programmer or a developer might fail to initialize the pointer with a valid address. That type of initialized pointer is known as a dangling pointer in C.
Dangling pointers mostly happen during the destruction of an object when it is being deleted or deallocated from memory without modifying the value of the pointer.
The dangling pointer can always point to a variable or memory location, consisting of the entire program code or the code of that particular operating system. If any value has been assigned to the dangling pointer, then it will overwrite that variable’s value of the program code or the operating system; in cases like such, the program will always show the undesirable result or even the crash.
If the memory is then reallocated in some other code, then the dereference of the dangling pointer will happen because of the segmentation fault. Since the value of the dangling pointer will not be modified at any time, it may still point to the memory locating of the other deallocated memory.
Dangling pointers may occur in three cases while executing a program:
- Function Call
A pointer pointing to a variable becomes a dangling pointer when the pointer pointing to the local variable is not a static variable.
E.g.:
#include <stdio.h> #include <conio.h> int *myvalue() { int a=5; return &a; } int main() { int *ptr=myvalue(); printf("%d", *ptr); return 0; }
Output
Explanation
- Once the main() function is created where the pointer ‘ptr’ has been declared. It consists of the return value of the ‘myvalue()’.
- Once the ‘myvalye()’ is called, then the control moves from one context to another which is an integer *myvalue(), the ‘myvalue()’ then returns to the address of the ‘a’ variable.
- Once the control comes back to the main function, the variable will no longer be available. It causes segmentation fault, that is, the code will be dumped.
Hence, it is said that the pointer becomes a dangling pointer since it points to a memory location that has been freed or deleted. The variable ‘a’ is a static variable and this static variable stores in the global memory.
Variable out of the scope
When the variable is pointing to a variable and that particular variable goes out of scope, then that pointer is considered as a dangling pointer.
E.g.:
#include <stdlib.h> void main() { int *ptr = NULL; { int num; ptr = # //ptr is not dangling in the inner block } //ptr is dangling in the outer block as num is out of scope in this block }
Output
error
Deallocation of the memory
When the memory in the program is deallocated, then the pointer points to a freed or a deleted space which eventually leads to dangling pointer
E.g.:
int main() { int *ptrr=(int *)malloc(sizeof(int)); int x=80; ptrr=&x; free(ptrr); return 0; }
Output
How to avoid dangling pointers
The dangling pointer gives out bugs and errors in the C programming language and it becomes difficult for a programmer to find one. They are a constant security hole at times.
Dangling pointers however can be avoided by initializing a NULL pointer value every time we initialize a pointer variable. If in case a programmer assigns a NULL value to a pointer, then it will not point to the memory location that has been freed. By doing so, the pointer will have all the means to not point to any location whatsoever.
Dangling pointers are those pointers whose address it has been pointing in the memory, which is no longer being utilized. It basically points to a value that has been rejected. This leads to errors and bugs that are notoriously hard to debug and due to this very reason, they only cut them at the runtime. Rust provides neat, and elegant solution to the errors by discovering the dangling pointers at the compile time itself and warns the programmer.