Home
Blogs
Forums
News
Portfolios
Projects
Tutorials
44 users logged in
New? Learn about game development.
Before posting, review our community guidelines.
Follow Us
Chat in the GameDev.net Discord!
Mastodon
Back to General and Gameplay Programming

Heap Corruption with ifstream and delete[]

Started by
7 comments, last by Khatharr 11 years, 3 months ago

I have this code:




ifstream reader;
reader.open("myFile.bmp", ios::binary);

//Read the headers and stuff, fill some variables
unsigned char *bitmapArray = new unsigned char[imageWidth * imageHeight * 4]; //array with enough values for RGBA of the BMP

int c = 0;
while(!reader.eof())
{
    reader.read(pixelInfo, 3); //pixelInfo is a char[3]

    //Filling RGBA info into my bitmapArray
    bitmapArray[c] = pixeInfo[0];
    bitmapArray[c + 1] = pixeInfo[1];
    bitmapArray[c + 2] = pixeInfo[2];
    bitmapArray[c + 3] = 255; 
    c += 4; //increasing C for the next values
}
reader.close();

//Here I use bitmapArray for some stuff

delete[] bitmapArray; //This gives me HEAP CORRUPTION error

If I don't mess with bitmapArray inside the while loop (simply commenting 4 lines, still leaving the reader there), it goes through fine.

The size of the image I'm using is 40000 bytes long, if I declare the array as "unsigned char bitmapArray[40000];" I still get the same error, but if I add a single char it doesn't - "unsigned char bitmapArray[40001];"

I checked the address the debugger says it's corrupted, but it isn't nowhere close to the starting/ending addresses of bitmapArray.

The error is: "HEAP CORRUPTION DETECTED: after Normal block (#161) at 0x00413F58. CRT detected that the application wrote to memory after end of heap buffer."

Why is this happening?

Advertisement
You're reading 3 bytes at a time and writing 4 bytes at a time.
You're reading 3 bytes at a time and writing 4 bytes at a time.

Ops, typed without thinking, didn't notice that.

I managed to find what is causing the HEAP CORRUPTION, it's because of the cast from signed char to unsigned char in the while loop, if I use a signed char array it works fine only to go through the debugger, but I can't use signed char for the rest of the code. Is there any solution for this?

A .bmp file has a header (think it may be a BITMAPINFO structure but it may be something else, even variable size). Also, each row of a bmp is padded to a multiple of 4 bytes, you need to check the stride variable from the header and reading one entire line at a time is probably best.

Also you need to remember bmp files are stored upside down, for arcane reasons ;)

EDIT: If it is a palettised bitmap, the palette appears after the header. Also, your code won't work if it reads a 32 bit RGBA bitmap, so you need to check the header.
"Most people think, great God will come from the sky, take away everything, and make everybody feel high" - Bob Marley

I suggest you read up on the BMP file format. For what it's worth, BITMAPINFOHEADER is the most common DIB header, and supporting the other DIB headers is usually overkill/unnecessary.

[size=2][ I was ninja'd 71 times before I stopped counting a long time ago ] [ f.k.a. MikeTacular ] [ My Blog ] [ SWFer: Gaplessly looped MP3s in your Flash games ]

[quote name='Danicco' timestamp='1356728125' post='5015177']


I managed to find what is causing the HEAP CORRUPTION, it's because of the cast from signed char to unsigned char in the while loop, if I use a signed char array it works fine only to go through the debugger, but I can't use signed char for the rest of the code. Is there any solution for this?

[/quote]

I doubt casting from signed to unsigned could cause a heap corruption (unless the overflow from signed to unsigned mess up your calculation). When it comes to debugging heap corruption, do not rely on results alone. Corrupted heap is one of those things that may produce different results when run at different times under different conditions, and you can't trust what the debugger says as it's likely to point at a totally different place in the code and thinks that's where the problem is, while in reality it's somewhere else.. The only solution is to reinspect all your code and unit test them.

If I were a gambler, my money would rest on the fact that you do not check the success of the read() call, and the fact that ifstream::eof() doesn't work they way you're using it.

At a guess, this might work better.


//.. preamble

int c = 0;
while(reader.read(pixelInfo, 3)) //pixelInfo is a char[3]
{
  //Filling RGBA info into my bitmapArray
  bitmapArray[c] = pixeInfo[0];
  bitmapArray[c + 1] = pixeInfo[1];
  bitmapArray[c + 2] = pixeInfo[2];
  bitmapArray[c + 3] = 255;
  c += 4; //increasing C for the next values
}
reader.close();

//Here I use bitmapArray for some stuff

Stephen M. Webb
Professional Free Software Developer

[quote name='Bregma' timestamp='1356738355' post='5015229']
If I were a gambler, my money would rest on the fact that you do not check the success of the read() call, and the fact that ifstream::eof() doesn't work they way you're using it.
[/quote]

Yep, that was it, although I did:


while(c < bitmapArrayLength)
{
    //etc
}

It seems the reader.eof() was writing beyond the array bounds and attempting to delete it was messing everything up.

Thanks for the help!

Aye, you always want to try to have a direct relationship between the number that fills a buffer and the number that was used to create it.

+1 Bregma

Meanwhile, you're doing a bit of extra work here, so I thought I'd make a suggestion:

You're reading into the array 'pixelInfo', but your real target is the bitmap data. Why not try something like:


unsigned char* texelPtr = bitmapArray; //roaming pointer that will traverse the data
unsigned char* texelEnd = texelPtr + (the length of the array); //this pointer value indicates the first overflow byte

while(texelPtr < texelEnd) {
    reader.read(texelPtr, 3);
    texelPtr[3] = 255;
    texelPtr += 4;
}

Which would eliminate the double-copy behavior?

void hurrrrrrrr() {__asm sub [ebp+4],5;}

There are ten kinds of people in this world: those who understand binary and those who don't.

This topic is closed to new replies.

Advertisement

Popular Topics

Aybe One
How do you manage yourself and your time as years pass on? GDNet Lounge
Jikoob
Too many managers? General and Gameplay Programming
aigan
The promise of freedom in story games Game Design and Theory
robertrobert
Facebook Ads for sales on steam, does it work? Games Business and Law
gjl
New Generated Constructor & JIT Issue AngelCode
MrK45
Inheriting from application registered class AngelCode
Advertisement

Recommended Tutorials

Myopic Rhino
String Usage and Architecture General and Gameplay Programming
DELETE_ME
Character Writing Advice From Writers Writing for Games
Myopic Rhino
Converting Scan Codes to ASCII Graphics and GPU Programming
Myopic Rhino
Unity Summer of Code Post Mortem: Cutscene Editor Interviews
Chris Hargrove
Code on the Cob Part 12 General and Gameplay Programming

Reticulating splines

About GameDev.net
Community Guidelines
Terms of Service
Privacy Policy
Contact Us
Copyright (c) 1999-2024 GameDev.net, LLC
Back to Top