Controlling the level of checking

The prototype of mallopt() is:

int mallopt( int cmd, intptr_t value );

The arguments are:

cmd

The command you want to use. The options used to enable additional checks in the library are:

• MALLOC_CKACCESS
• MALLOC_CKALLOC

We'll look at some of the other commands later in this chapter.

value

A value corresponding to the command used. For these particular commands, the value argument can be:

• 0 to disable the checking (the default for these commands)
• 1 to enable it

For information about all the commands, see the entry for mallopt() in the QNX OS C Library Reference. Here are the commands that control the additional checks:

MALLOC_CKACCESS

Turn on (or off) boundary checking for memory and string operations.

Environment variable: MALLOC_CKACCESS

Boundary checking helps to detect buffer overruns and underruns that are a result of memory or string operations. When this is on, each pointer operand to a memory or string operation is checked to see if it's a heap buffer. If it is, the size of the heap buffer is checked, and the information is used to ensure that no assignments are made beyond the bounds of the buffer. If an attempt is made that would assign past the buffer boundary, a diagnostic warning message is printed.

Here's how you can use this option to find an overrun error:

...
char *p;
int opt;
opt = 1;
mallopt(MALLOC_CKACCESS, opt);
p = malloc(strlen("hello"));
strcpy(p, "hello, there!");  /* a warning is generated here */

The following sample illustrates how access checking can trap a reference through a stale pointer:

...
char *p;
int opt;
opt = 1;
mallopt(MALLOC_CKACCESS, opt);
p = malloc(30);
free(p);
strcpy(p, "hello, there!");

MALLOC_CKALLOC

Turn on (or off) pointer checking for realloc() and free(), depending on the value argument. If this is on, the allocator makes sure that the pointers you pass to these functions point to memory that it manages.

Environment variable: MALLOC_CKALLOC