1 #include <iostream>
2 #include <fstream>
3 
4 #define EXIT_SUCCESS 0
5 #define EXIT_FAILURE 1
6 #define EXIT_VULNERABLE 113
7 
main(int argc,char * argv[])8 int main(int argc, char *argv[]) {
9     if (argc == 2) {
10         std::string expected = "memory_corrupt";
11         if (expected.compare(argv[1]) != 0) {
12             std::cout << "unknown command" << std::endl;
13             return EXIT_FAILURE;
14         }
15         std::cout << "attempting a memory access violation" << std::endl;
16         *((unsigned int*)0x00000074726630b0) = 0xBAD;
17         return EXIT_SUCCESS;
18     }
19 
20     if (argc != 3) {
21         std::cout << "unknown commands" << std::endl;
22         return EXIT_FAILURE;
23     }
24 
25     std::ifstream f(argv[1]);
26     if (f.is_open()) {
27         // the host test can either check exit code or stdout
28         std::cout << "Hello " << f.rdbuf() << "! " << argv[2] << std::endl;
29         // please don't use a test-controlled value in a security report
30         std::string expected = "secure";
31         if (expected.compare(argv[2]) != 0) {
32             return EXIT_VULNERABLE;
33         } else {
34             return EXIT_SUCCESS;
35         }
36     } else {
37         std::cout << "could not open file" << std::endl;
38         return EXIT_FAILURE;
39     }
40 }
41