Diffstat (limited to 'examples/src/main/native/com/example/com_example_ExampleFuzzerWithNative.cpp')
-rw-r--r-- | examples/src/main/native/com/example/com_example_ExampleFuzzerWithNative.cpp | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/examples/src/main/native/com/example/com_example_ExampleFuzzerWithNative.cpp b/examples/src/main/native/com/example/com_example_ExampleFuzzerWithNative.cpp
index 774e5998..971ea740 100644
--- a/examples/src/main/native/com/example/com_example_ExampleFuzzerWithNative.cpp
+++ b/examples/src/main/native/com/example/com_example_ExampleFuzzerWithNative.cpp
@@ -14,6 +14,7 @@
 #include "com_example_ExampleFuzzerWithNative.h"
+#include <cstring>
 #include <limits>
 #include <string>
@@ -27,8 +28,10 @@ __attribute__((optnone)) void parseInternal(const std::string &input) {
 }
 if (input[0] == 'a' && input[1] == 'b' && input[5] == 'c') {
 if (input.find("secret_in_native_library") != std::string::npos) {
- // Crashes with ASan.
- [[maybe_unused]] char foo = input[input.size() + 2];
+ // Crashes with ASan, whose use-after-free hooks detect
+ const char *mem = static_cast<const char *>(malloc(2));
+ free((void *)mem);
+ [[maybe_unused]] bool foo = memcmp(mem, mem + 1, 1);
 }
 }
 }
|
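Review bot: The new comment in the second hunk stops mid-sentence (`// Crashes with ASan, whose use-after-free hooks detect`), so it never says that the read through `mem` after `free` is the deliberate finding this example is meant to produce; I would complete it, for instance `// Deliberate use-after-free: ASan reports the memcmp read of freed memory.` (wording to be confirmed against what the author intended). The same hunk calls `malloc` and `free` while the first hunk adds only `<cstring>`, so unless another header already pulls them in, `#include <cstdlib>` belongs next to it. `free((void *)mem)` drops const with a C-style cast right after a `static_cast`; declaring `char *mem` would remove the need for any cast. The body of parseInternal starts above the hunk, so the earlier length checks are not visible here.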