[pitboss] phase 19: Track M.1 — ClassMethod end-to-end (all langs)

pitboss 2026-05-20 14:32:00 -05:00
parent 1b2f9cb7ca
commit b374f89577
35 changed files with 1894 additions and 41 deletions


@ -0,0 +1,16 @@
/* Phase 19 (Track M.1) — class-method benign control for C. */
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
void UserService_run(const char *input, size_t len) {
(void)len;
/* Uses execve via fork; the shell never sees `input`. */
pid_t pid = fork();
if (pid == 0) {
char *argv[] = { (char*)"/bin/echo", (char*)(input ? input : ""), NULL };
execv("/bin/echo", argv);
_exit(127);
}
}
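Review bot: The `fork()` result in `UserService_run` is only compared with 0, so a failed fork (-1) is silently ignored and a successful child is never reaped; the caller can return before `/bin/echo` has run, and each call leaves a zombie behind. Handle both cases with `if (pid < 0) return;` before the child branch and `waitpid(pid, NULL, 0);` after it, which needs `#include <sys/wait.h>`. The comment names execve while the call is `execv`; `/* fork + execv with an argv array: no shell ever parses input */` would match the code. `len` is discarded here and in the system(3) fixture, so both depend on `input` being NUL-terminated, and a comment such as `/* input must be NUL-terminated; len is unused */` would make that precondition visible to whoever writes the harness.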


@ -0,0 +1,16 @@
/* Phase 19 (Track M.1) — class-method vuln fixture for C.
*
* C has no class system; the harness calls a free function whose name
* follows the `<Class>_<method>` convention (`UserService_run`). The
* function piping `input` straight into `system(3)` is the SINK. */
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
void UserService_run(const char *input, size_t len) {
(void)len;
char buf[512];
snprintf(buf, sizeof(buf), "echo %s", input ? input : "");
/* SINK: tainted input → system(3) */
system(buf);
}
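Review bot: The `snprintf` return value is dropped, so any input that does not fit in `buf` (512 bytes including the `echo ` prefix) is truncated without notice, and the string handed to `system` is no longer the input the test case supplied. For a fixture that is meant to give a deterministic tainted flow to the sink, detect that case: `int n = snprintf(buf, sizeof(buf), "echo %s", input ? input : "");` followed by `if (n < 0 || (size_t)n >= sizeof(buf)) return;`. Because the file is vulnerable on purpose, the header comment could also state that it is built only by the test harness and must not be linked into shipped code.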