Skip to content

Instantly share code, notes, and snippets.

@murx-

murx-/test2_do_not_optimize.c Secret

Created Nov 26, 2020
Embed
What would you like to do?
Example of a vulnerable program for a blogpost.
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
void vuln(char *buf, char third) {
memset(buf, 0, 128);
if (buf != NULL) {
buf[1] = 'b';
buf[2] = third;
printf("%p\n", buf);
free(buf);
printf("Freed %c", third);
}
else
puts("Already freed!");
}
int main() {
char buf[100];
int len = read(0, &buf, 99);
buf[len] = '\x00';
char *buf2 = malloc(128);
if (buf[0] == '0')
vuln(buf2, buf[0]);
if (buf[0] == '1')
vuln(buf2, buf[0]);
if (buf[0] == '2')
vuln(buf2, buf[0]);
if (buf[0] == '3')
vuln(buf2, buf[0]);
if (buf[0] == '4')
vuln(buf2, buf[0]);
if (buf[0] == '5')
vuln(buf2, buf[0]);
if (buf[0] == '6')
vuln(buf2, buf[0]);
if (buf[0] == '7')
vuln(buf2, buf[0]);
if (buf[0] == '8')
vuln(buf2, buf[0]);
if (buf[0] == '9')
vuln(buf2, buf[0]);
free(buf2);
return 0;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment