1#include <stdlib.h>
2#include <unistd.h>
3#include <sys/syscall.h>
// Deliberately faulty fixture: it feeds values read from never-written heap
// memory straight into a raw write system call. Presumably meant to be run
// under a memory-error checker, which would be expected to flag the five
// problems listed below -- confirm against the harness that drives it.
// Keep the faults as they are; do not "fix" them.
int main(void)
{
   // One heap int that is never written. The author relies on a fresh
   // allocation reading back as 0; C does not guarantee that, the value is
   // indeterminate. The malloc result is not checked for NULL.
   int *raw_int = malloc(sizeof *raw_int);

   // One heap pointer slot, also never written. The author relies on it
   // reading back as a null pointer (0x0); again not guaranteed by C.
   char **raw_ptr = malloc(sizeof *raw_ptr);

   // Five faults in the single call below:
   // 1. the syscall number is built from an undefined value (it is
   //    expected to come out as 0 + __NR_write);
   // 2-4. each of the three scalar arguments is undefined;
   // 5. the second argument, the buffer, points to unaddressable memory.
   // The call's result is ignored, and neither allocation is freed.
   syscall(raw_int[0] + __NR_write, raw_int[0], raw_ptr[0], raw_int[0] + 1);

   return 0;
}