Bloque de montón modificado más allá del tamaño solicitado de 2 Error en C

So the following code is causing an error:

// free pointers created with malloc
for (int i = 0; i < 3; i++) {
    if (rt_offset_rs[i] != NULL ) {
        free(rt_offset_rs[i]); // <== AT THiS LINE

ERROR: Heap block at 0000000000331DD0 modified at 0000000000331DE2 past requested size of 2

I don't understand this error at all. The following is the code where I manipulate the pointer rt_offset_rs:

            char** rt_offset_rs; 
    rt_offset_rs = malloc(3 * sizeof(char*));
    if (rt_offset_rs == NULL ) {
        fprintf(outputFilePointer, "no more memory");

    for (int i = 0; i < 3; i++) {
        rt_offset_rs[i] = malloc(2 * sizeof(char));
        if (rt_offset_rs[i] == NULL ) {
            fprintf(outputFilePointer, "no more memory");

preguntado el 26 de noviembre de 13 a las 23:11

2 Respuestas

The error is not with the free() call, but somewhere before that, only your system checks for overflows only at some cases, one of them is free, and not in each write to the buffer.

It is not part of your code, but it seems that you allocate two bytes, and writes at least 3 to the buffer ( if it is a string - don't forget null terminator is another byte )

respondido 26 nov., 13:23

I see what you mean and I changed all of them to 3 but it does not fix my problem. But thank you - letra q

If you show more relevant code, we might be able to help more. - MByD

I ran into this problem when I do something like following.

#include <malloc.h>
int main()
    const char* s = "123";
    void** p = (void**)malloc(1);
    *p = (void*)s;

The code invokes the following error in a x64 construir:

HEAP[XXX.exe]: Heap block at 000001C207A21D60 modified at 000001C207A21DA5 past requested size of 35

The code invokes the following error in a Win32 construir:

HEAP CORRUPTION DETECTED: after Normal block (#93) at 0x00636110. CRT detected that the application wrote to memory after end of heap buffer.

The malloc line is wrong. It should be modified like this:

void** p = (void**)malloc(1*sizeof(void*));

Because the sizeof a pointer is sizeof(void*) bytes, not one byte!

Respondido el 11 de junio de 16 a las 04:06

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.