diff options
| author | van Hauser <vh@thc.org> | 2021-08-20 23:54:59 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-08-20 23:54:59 +0200 |
| commit | 2e15661f184c77ac1fbb6f868c894e946cbb7f17 (patch) | |
| tree | 665b9368d2c1908cf71dbc4a76517f88c5317d9a /frida_mode/test/osx-lib/lib2.c | |
| parent | 32a0d6ac31554a47dca591f8978982758fb87677 (diff) | |
| parent | ca9c87dd45d8b9a746a212cbc6ce85b78b637d8c (diff) | |
| download | afl++-2e15661f184c77ac1fbb6f868c894e946cbb7f17.tar.gz | |
Merge pull request #1074 from AFLplusplus/dev
push to stable
Diffstat (limited to 'frida_mode/test/osx-lib/lib2.c')
| -rw-r--r-- | frida_mode/test/osx-lib/lib2.c | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/frida_mode/test/osx-lib/lib2.c b/frida_mode/test/osx-lib/lib2.c new file mode 100644 index 00000000..ba207210 --- /dev/null +++ b/frida_mode/test/osx-lib/lib2.c @@ -0,0 +1,61 @@ +#include <stdio.h> +#include <stdlib.h> +#include <stdint.h> +#include <string.h> + + +void __attribute__((noinline)) crashme(const uint8_t *Data, size_t Size) { + + if (Size < 1) return; + + char *buf = malloc(10); + + if (buf == NULL) return; + + switch (Data[0]) { + + /* Underflow */ + case 'U': + printf("Underflow\n"); + buf[-1] = '\0'; + free(buf); + break; + /* Overflow */ + case 'O': + printf("Overflow\n"); + buf[10] = '\0'; + free(buf); + break; + /* Double free */ + case 'D': + printf("Double free\n"); + free(buf); + free(buf); + break; + /* Use after free */ + case 'A': + printf("Use after free\n"); + free(buf); + buf[0] = '\0'; + break; + /* Test Limits (OK) */ + case 'T': + printf("Test-Limits - No Error\n"); + buf[0] = 'A'; + buf[9] = 'I'; + free(buf); + break; + case 'M': + printf("Memset too many\n"); + memset(buf, '\0', 11); + free(buf); + break; + default: + printf("Nop - No Error\n"); + break; + + } + + +} + |