/rustsafecrash.rs
Last active Jan 17, 2016
Crashing Safe Rust code with OS help
| // This code demonstrates that with OS's external help | |
| // one can crash even Safe Rust's code | |
| // Implemented by Vitaly "_Vi" Shukela | |
| use std::process::Command; | |
| fn getpid() -> i32 { | |
| let so = Command::new("sh") | |
| .arg("-c") | |
| .arg("cat /proc/$$/status | grep PPid: | awk '{print $2}'") | |
| .output() | |
| .unwrap() | |
| .stdout; | |
| String::from_utf8(so).unwrap().trim().parse().unwrap() | |
| } | |
| fn hacky_ptr_write<T>(pointer: &T, value: u32) { | |
| Command::new("gdb") | |
| .arg("-batch").arg("-quiet") | |
| .arg("-pid").arg(format!("{}", getpid())) | |
| .arg("-ex") | |
| .arg(format!("set {{unsigned long}}{:p} = {}", pointer, value)) | |
| .output() | |
| .unwrap(); | |
| } | |
| fn main() { | |
| let mut q = &mut Box::new(55); | |
| hacky_ptr_write(&q, 0); | |
| *q = Box::new(44); // SEGV | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment