| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame] | 1 | /* exercise a bug found in malloc-standard when alignment |
| 2 | * values are out of whack and cause a small overflow into |
| 3 | * actual user data. |
| 4 | */ |
| 5 | |
| 6 | #include <stdio.h> |
| 7 | #include <stdlib.h> |
| 8 | #include <sys/types.h> |
| 9 | |
| 10 | #define ok(p) ((void*)p > (void*)0x1000) |
| 11 | #define x \ |
| 12 | do { \ |
| 13 | printf("%i: phead = %p, phead->link @ %p = %p %s\n", \ |
| 14 | __LINE__, phead, \ |
| 15 | ok(phead) ? &phead->link : 0, \ |
| 16 | ok(phead) ? phead->link : 0, \ |
| 17 | ok(phead) ? phead->link == 0 ? "" : "!!!!!!!!!!!" : ""); \ |
| 18 | if (phead->link != NULL) exit(1); \ |
| 19 | } while (0); |
| 20 | |
| 21 | struct llist_s { |
| 22 | void *data; |
| 23 | struct llist_s *link; |
| 24 | } *phead; |
| 25 | |
| 26 | int main(int argc, char *argv[]) |
| 27 | { |
| 28 | char *line, *reg; |
| 29 | |
| 30 | setbuf(stdout, NULL); |
| 31 | setbuf(stderr, NULL); |
| 32 | |
| 33 | phead = malloc(sizeof(*phead)); |
| 34 | phead->link = NULL; |
| 35 | |
| 36 | x line = malloc(80); |
| 37 | x line = realloc(line, 2); |
| 38 | x reg = malloc(32); |
| 39 | x free(line); |
| 40 | |
| 41 | x return 0; |
| 42 | } |