I write the follow code in leetcode, but it report the part 2 executing error, I don’t understand why, So I test the code, but it run ok.
The part 1:the code write in leetcode

/**
 * Note: The returned array must be malloced, assume caller calls free().
 */
int* twoSum(int* nums, int numsSize, int target, int* returnSize){
    int i, j;
    
    returnSize = (int *)malloc(sizeof(int) * 2);
    
    for (i=0; i<numsSize-1; i++)
    {
        for (j=i+1; j < numsSize; j++)
        {
            if (target == nums[i] + nums[j])
            {
                returnSize[0] = i;
                returnSize[1] = i;
                
                return returnSize;
            }
        }
    }
    return NULL;
}

The part 2: the excuting error report in leetcode

=================================================================
==30==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000038 at pc 0x000000405109 bp 0x7fff0f287070 sp 0x7fff0f287068
READ of size 4 at 0x602000000038 thread T0
    #2 0x7f476db072e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)

0x602000000038 is located 0 bytes to the right of 8-byte region [0x602000000030,0x602000000038)
allocated by thread T0 here:
    #0 0x7f476f3b62b0 in malloc (/usr/local/lib64/libasan.so.5+0xe82b0)
    #3 0x7f476db072e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)

Shadow bytes around the buggy address:
  0x0c047fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c047fff8000: fa fa 00 00 fa fa 00[fa]fa fa fd fa fa fa fd fa
  0x0c047fff8010: fa fa fd fa fa fa 00 fa fa fa fa fa fa fa fa fa
  0x0c047fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==30==ABORTING

The part 3: the test code and result

#include <stdlib.h>

/**
 * Note: The returned array must be malloced, assume caller calls free().
 */
int* twoSum(int* nums, int numsSize, int target, int* returnSize){
    int i, j;
    
    returnSize = (int *)malloc(sizeof(int) * 2);
    
    for (i=0; i<numsSize-1; i++)
    {
        for (j=i+1; j < numsSize; j++)
        {
            if (target == nums[i] + nums[j])
            {
                returnSize[0] = i;
                returnSize[1] = j;
                
                return returnSize;
            }
        }
    }
    return NULL;
}

int main()
{
	int num[] = {1,2,3,4,5,6,7,8,12,25,56,67,88,100};
	int target = 167;
	int *result = NULL;

	result = twoSum(num, sizeof(num), target, result);
	if (result != NULL)
	{
		printf("The index of the target is %d and %d\n", result[0], result[1]);
		free(result);
	}

hanwu@hanwu:/media/hanwu/Software/work/leetcode/twoSum$ ./a.out 
The index of the target is 11 and 13
hanwu@hanwu:/media/hanwu/Software/work/leetcode/twoSum$