Last active
January 17, 2016 23:13
-
-
Save vi/0e9cb2b0f74e61e3b331 to your computer and use it in GitHub Desktop.
Crashing Safe Rust code with OS help
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// This code demonstrates that with OS's external help | |
// one can crash even Safe Rust's code | |
// Implemented by Vitaly "_Vi" Shukela | |
use std::process::Command; | |
fn getpid() -> i32 { | |
let so = Command::new("sh") | |
.arg("-c") | |
.arg("cat /proc/$$/status | grep PPid: | awk '{print $2}'") | |
.output() | |
.unwrap() | |
.stdout; | |
String::from_utf8(so).unwrap().trim().parse().unwrap() | |
} | |
fn hacky_ptr_write<T>(pointer: &T, value: u32) { | |
Command::new("gdb") | |
.arg("-batch").arg("-quiet") | |
.arg("-pid").arg(format!("{}", getpid())) | |
.arg("-ex") | |
.arg(format!("set {{unsigned long}}{:p} = {}", pointer, value)) | |
.output() | |
.unwrap(); | |
} | |
fn main() { | |
let mut q = &mut Box::new(55); | |
hacky_ptr_write(&q, 0); | |
*q = Box::new(44); // SEGV | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment