As long as you don't try to do any more mm once you've allocated with
malloc(0), and as long as you haven't done any previous allocations with
malloc, you should be able to scribble all over malloc. In fact, if you
want, I think you can scribble all over your own stack without causing
Linux any trouble.
I'm guessing (and this is only an educated guess), that you could do some
really strange things like
void scribble(void)
{
int x[50];
do_scribble(x);
}
void do_scribble(int *x)
{
char y[50];
x[70]=54;
x[71]=32;
x[50]=3;x[51]=12; /* watch out */
}
void main(void)
{
scribble();
}
Depending how the storage structure works for your C compiler (sorry, I
don't remember), this COULD scribble integers onto your character
array. The line marked "watch out" COULD severely scribble the return
pointer and make the program crash in really ugly ways. Alternatively, it
might not. Depends how you stack it.
As a less severe example, if you want, you can do something really funky like
x=(char *)malloc(100);
x=(char *)realloc (x,50);
y=x+50; /*could be a fencepost error: not worth my time to check*/
Writing to y will scribble on malloc's territory, but as long as you don't
call malloc again, you should be fine. This way you can get any amount of
scribble space. Of course, this only works on normal versions of malloc
that don't try to return memory to the OS, etc.
--
This message has been brought to you by the letter alpha and the number pi.
David Feuer
[email protected]