blob: 1b4c9b8a048eef31b2f1843ae121fa633a3f1485 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
/* exercise a bug found in malloc-standard when alignment
* values are out of whack and cause a small overflow into
* actual user data.
*/
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#define ok(p) ((void*)p > (void*)0x1000)
#define x \
do { \
printf("%i: phead = %p, phead->link @ %p = %p %s\n", \
__LINE__, phead, \
ok(phead) ? &phead->link : 0, \
ok(phead) ? phead->link : 0, \
ok(phead) ? phead->link == 0 ? "" : "!!!!!!!!!!!" : ""); \
if (phead->link != NULL) exit(1); \
} while (0);
struct llist_s {
void *data;
struct llist_s *link;
} *phead;
int main()
{
char *line, *reg;
setbuf(stdout, NULL);
setbuf(stderr, NULL);
phead = malloc(sizeof(*phead));
phead->link = NULL;
x line = malloc(80);
x line = realloc(line, 2);
x reg = malloc(32);
x free(line);
x return 0;
}
|