1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 | #include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <assert.h>
#include "log_macros.h"
// BUG: Invalid Write (buffer overflow)
int* create_array_of_three_ints(int n1, int n2, int n3) {
int num_numbers = 3;
// Allocate a buffer (area of memory) on the heap sufficienit for 4 int's.
int* numbers = malloc(sizeof(*numbers) * num_numbers);
numbers[0] = n1;
numbers[1] = n2;
numbers[2] = n3;
numbers[3] = 99; // BUG: Writing past the end of the buffer (buffer overflow)
numbers[4] = 88; // BUG: Writing past the end of the buffer (buffer overflow)
return numbers;
}
int main(int argc, char* argv[]) {
int* numbers = create_array_of_three_ints(10, 11, 12);
log_int( numbers[0] );
log_int( numbers[1] );
log_int( numbers[2] );
// Free (deallocate) the buffer on the heap.
free(numbers);
return EXIT_SUCCESS;
}
/* vim: set tabstop=4 shiftwidth=4 fileencoding=utf-8 noexpandtab: */
|
© Copyright 2022 Alexander J. Quinn This content is protected and may not be shared, uploaded, or distributed.