mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-09 19:45:13 +02:00
16 lines
548 B
C
16 lines
548 B
C
/* Phase 19 (Track M.1) — class-method vuln fixture for C.
|
|
*
|
|
* C has no class system; the harness calls a free function whose name
|
|
* follows the `<Class>_<method>` convention (`UserService_run`). The
|
|
* function piping `input` straight into `system(3)` is the SINK. */
|
|
#include <stdlib.h>
|
|
#include <stdio.h>
|
|
#include <string.h>
|
|
|
|
void UserService_run(const char *input, size_t len) {
|
|
(void)len;
|
|
char buf[512];
|
|
snprintf(buf, sizeof(buf), "true %s", input ? input : "");
|
|
/* SINK: tainted input → system(3) */
|
|
system(buf);
|
|
}
|