safecode/test/mem_safety/use_after_free/use_after_free-017.c - llvm-archive - Git at Google

 /* Use longjmp() to access a string after it has been free'd. */

 #include <setjmp.h>
 #include <string.h>
 #include <stdlib.h>
 #include <stdio.h>

 void f(char *string)
 {
   char *ptr = strstr(string, "string");
   jmp_buf buf;
   if (setjmp(buf) != 0)
     strcpy(ptr, "freed string");
   else
   {
     free(string);
     longjmp(buf, 1);
   }
 }

 int main()
 {
   char *ptr;
   ptr = malloc(100);
   strcpy(ptr, "a string");
   f(ptr);
   printf("%s\n", ptr);
   return 0;
 }
	/* Use longjmp() to access a string after it has been free'd. */

	#include <setjmp.h>
	#include <string.h>
	#include <stdlib.h>
	#include <stdio.h>

	void f(char *string)
	{
	char *ptr = strstr(string, "string");
	jmp_buf buf;
	if (setjmp(buf) != 0)
	strcpy(ptr, "freed string");
	else
	{
	free(string);
	longjmp(buf, 1);
	}
	}

	int main()
	{
	char *ptr;
	ptr = malloc(100);
	strcpy(ptr, "a string");
	f(ptr);
	printf("%s\n", ptr);
	return 0;
	}