#include <stdlib.h>
#include <stdio.h>
static void* return_arg(void* p);
int frame3 ( void )
{
int *a = malloc(10 * sizeof(int));
// bad address;
int n = a[10];
// undefined condition
if (a[5] == 42) {
printf("hello from frame3(). The answer is 42.\n");
} else {
printf("hello from frame3(). The answer is not 42.\n");
}
// undefined address (careful ..)
n = a[ a[0] & 7 ];
// invalid free, the second time
free(a);
free(a);
// more invalid frees
free(return_arg(&n));
// leak ..
a = malloc(99 * sizeof(int));
// pass garbage to the exit syscall
return n;
}
int frame2 ( void )
{
return frame3() - 1;
}
int frame1 ( void )
{
return frame2() + 1;
}
int main ( void )
{
return frame1() - 1;
}
/*
* The only purpose of the function below is to make sure that gcc 4.4.x does
* not print the following warning during the compilation of this test program:
* warning: attempt to free a non-heap object
*/
static void* return_arg(void* p)
{
return p;
}