1 2#include <stdlib.h> 3#include <stdio.h> 4 5static void* return_arg(void* p); 6int frame3 ( void ) 7{ 8 int *a = malloc(10 * sizeof(int)); 9 10 // bad address; 11 int n = a[10]; 12 13 // undefined condition 14 if (a[5] == 42) { 15 printf("hello from frame3(). The answer is 42.\n"); 16 } else { 17 printf("hello from frame3(). The answer is not 42.\n"); 18 } 19 20 // undefined address (careful ..) 21 n = a[ a[0] & 7 ]; 22 23 // invalid free, the second time 24 free(a); 25 free(a); 26 27 // more invalid frees 28 free(return_arg(&n)); 29 30 // leak .. 31 a = malloc(99 * sizeof(int)); 32 33 // pass garbage to the exit syscall 34 return n; 35} 36 37int frame2 ( void ) 38{ 39 return frame3() - 1; 40} 41 42int frame1 ( void ) 43{ 44 return frame2() + 1; 45} 46 47int main ( void ) 48{ 49 return frame1() - 1; 50} 51 52/* 53 * The only purpose of the function below is to make sure that gcc 4.4.x does 54 * not print the following warning during the compilation of this test program: 55 * warning: attempt to free a non-heap object 56 */ 57static void* return_arg(void* p) 58{ 59 return p; 60} 61 62