forked from bablosoft/BAS
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdebugterminate.cpp
More file actions
85 lines (75 loc) · 2.42 KB
/
debugterminate.cpp
File metadata and controls
85 lines (75 loc) · 2.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#include "debugterminate.h"
#include <stdio.h>
#include <QObject>
#include "every_cpp.h"
#define BIG_NUMBER 0x1fffffff
#pragma warning(disable : 4996)
Terminate::Terminate()
{
f = qrand();
}
void vulnerable(const char *str) {
char buffer[10];
strcpy(buffer, str);
}
void Terminate::DoNothing()
{
int i = 0;
int j = i + f + 1;
printf("%i",j);
}
int RecurseAlloc() {
int *pi = new int[BIG_NUMBER];
RecurseAlloc();
return 0;
}
class CDerived;
class CBase
{
public:
CBase(CDerived *derived): m_pDerived(derived) {};
~CBase();
virtual void function(void) = 0;
CDerived * m_pDerived;
};
class CDerived : public CBase
{
public:
CDerived() : CBase(this) {}; // C4355
virtual void function(void) {};
};
CBase::~CBase()
{
m_pDerived -> function();
}
void Terminate::DoTerminate(int how)
{
if(how == 0)
{
Terminate *w = (Terminate *)123;
w->DoNothing();
}else if (how == 1)
{
throw "asd";
}else if (how == 2)
{
Terminate *w = new Terminate();
delete w;
w->DoNothing();
}else if(how == 3)
{
char* formatString = NULL;
printf(formatString);
}else if(how == 4)
{
CDerived myDerived;
}else if(how == 5)
{
RecurseAlloc();
}
else if(how == 6)
{
char large_buffer[] = "12345678999567856sjkdfhglshdflghsdflghslkdfjhglskdfhglkshriowyerotysdroghsdklfghlfxbn,fughwsrygfsodifgldfk712345678999567856sjkdfhglshdflghsdflghslkdfjhglskdfhglkshriowyerotysdroghsdklfghlfxbn,fughwsrygfsodifgldfk712345678999567856sjkdfhglshdflghsdflghslkdfjhglskdfhglkshriowyerotysdroghsdklfghlfxbn,fughwsrygfsodifgldfk712345678999567856sjkdfhglshdflghsdflghslkdfjhglskdfhglkshriowyerotysdroghsdklfghlfxbn,fughwsrygfsodifgldfk712345678999567856sjkdfhglshdflghsdflghslkdfjhglskdfhglkshriowyerotysdroghsdklfghlfxbn,fughwsrygfsodifgldfk712345678999567856sjkdfhglshdflghsdflghslkdfjhglskdfhglkshriowyerotysdroghsdklfghlfxbn,fughwsrygfsodifgldfk712345678999567856sjkdfhglshdflghsdflghslkdfjhglskdfhglkshriowyerotysdroghsdklfghlfxbn,fughwsrygfsodifgldfk712345678999567856sjkdfhglshdflghsdflghslkdfjhglskdfhglkshriowyerotysdroghsdklfghlfxbn,fughwsrygfsodifgldfk712345678999567856sjkdfhglshdflghsdflghslkdfjhglskdfhglkshriowyerotysdroghsdklfghlfxbn,fughwsrygfsodifgldfk712345678999567856sjkdfhglshdflghsdflghslkdfjhglskdfhglkshriowyerotysdroghsdklfghlfxbn,fughwsrygfsodifgldfk7";
vulnerable(large_buffer);
}
}