0

I guess I am confused for some reason on how to initialize a char pointer value. Maybe I am overthinking it. I have this in a header file called Login.h char *arg1;

I got a warning that the member variable is not initialized in this constructor. So in Login.cpp I put:

Login::Login() { // TODO Auto-generated constructor stub arg1 = (char *)malloc(50); //arg1 = new char(); //arg1 = nullptr; }

What is the difference between:

arg1 = (char *)malloc(50); 
arg1 = new char(50);

When I try the code below, I get incompatible type.

arg1 = 'A';

I guess I am confused on initializing a pointer vs a normal variable

Should I just do this?

arg1 = nullptr;

Hoping someone can clarify this for me, thanks.

Improve this question
4
  • You probably meant new char[50] to allocate 50 characters. Commented Apr 18, 2020 at 5:33
  • 1
    If you can use std::string arg1{}; if not then char *arg1 = new char[50]; (don't forget, you are then responsible for calling delete[] arg1; when done with arg1) Commented Apr 18, 2020 at 5:36
  • So to be clear, new char[50] creates the space for 50 characters? That's how you would initialize a pointer variable and I could assign it an actual value somewhere else when needed? Commented Apr 18, 2020 at 5:38
  • Yes you are right I meant char[50] Commented Apr 18, 2020 at 5:39

1 Answer 1

Reset to default
1

Presuming arg1 is interpreted to be a character string, this will make the compiler happy in addition to other goodness:

Login::Login() { // TODO Auto-generated constructor stub arg1 = (char *)malloc(50); arg1[0] = '\0'; }

Now arg1 is a properly null terminated string. It's essentially an empty string. Without that = '\0' initializer, arg1 was a pointer to allocated, but uninitialized memory. Originally, before this change, there's was no guarantee of a null terminator within that allocated 50 byte array. Any attempt to strcpy the contents of that string, would result in undefined behavior as the copy code could pass the array bounds looking for a null char that isn't there.

Two other things to consider. Why not just declare arg1 to be of type char arg1[50] or of type std::string arg1. Then you don't have to worry about freeing the memory as much and your class's default copy constructor will do the right thing.

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

I guess I should provide more context. I am learning secure coding and my task is to find instances of non-secure code. One of the issues in the checklist of issues is member variables not initialized. I understand normal variables and initializing them. (For example bool status; and then I would initialize status = false). Pointers have just thrown me off and it is confusing because of the rest of the code. Here is the .cpp and .h file in question(Login.cpp, Login.h). . It is weird because arg1 is given a string value but that is not on the checklist. repl.it/@TomSoyer/SecureCoding
Was also wondering if it is proper just to initialize pointers to nullptr.
You can and should initialize a pointer to null. But if you allocate memory and assign the pointer to that address (via malloc or new), then you have a valid pointer, but the memory contents could be anything. So it's always a good idea in the context of secure programming to "zero out" the array after obtaining the memory. And before you free/delete it, do the same.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.