
Interprete

CD2 edited this page Feb 9, 2023 · 1 revision

Specification Issues

Pushing a reference type onto the stack, for example as a function argument, does not increment its reference count. If the callee drops the last counted reference, the object is freed while the pushed reference still points at it:

```
^int a.new(1);

f(a);

void f(^int a)
{
    .a.new(0);   // reassigns the outer a; the old object is freed because the argument push did not count as a reference
    a<> = 0;     // memory corruption: the parameter still points at the freed object
}
```

If an appendable array is extended, its storage is reallocated and the old buffer freed; an element that was passed by reference still points into that freed buffer:

```
%int a;          // appendable array

f(a.new[0]=);    // pass element 0 by reference

void f(int a=)
{
    .a.new[9];   // extends the outer array; its storage is reallocated and the old buffer freed
    a = 0;       // memory corruption: the reference still points into the old buffer
}
```

An object can be destroyed while one of its member functions is still executing; the implicit pointer to the object, and therefore to its members, then points at freed memory:

```
^&C a.new(1);

a~f();

&C
{
    int b;

    public void f()
    {
        .a.new(0);   // reassigns the outer a; this object is destroyed while f is still running
        b = 0;       // memory corruption: b is a member of the destroyed object
    }
}
```
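The following C model is an added illustration, not code from the Interprete project. It shows the mechanism behind both cases above, the argument of `f(a)` and the receiver of `a~f()`: an evaluation-stack slot that holds a bare pointer rather than a counted reference. The `Obj`, `slot_assign` and `callee` names and the tombstone flag are assumptions of the model; "freed" objects are only flagged, not released, so the stale access can be reported instead of being undefined behaviour.

```c
#include <stdio.h>
#include <stdlib.h>

/* Added model, not Interprete code: a reference-counted object and an
 * evaluation-stack slot. "Freeing" only sets a flag (tombstone) so a stale
 * access can be detected deterministically instead of being undefined.
 * Tombstoned objects are deliberately leaked. */
typedef struct Obj {
    int refcount;
    int freed;   /* simulation: set when the count reaches zero */
    int value;   /* payload, e.g. the int behind ^int a */
} Obj;

static Obj *obj_new(int value) {
    Obj *o = calloc(1, sizeof *o);
    if (!o) abort();
    o->refcount = 1;          /* the slot receiving the object owns one reference */
    o->value = value;
    return o;
}

static void obj_incref(Obj *o) { o->refcount++; }

static void obj_decref(Obj *o) {
    if (--o->refcount == 0)
        o->freed = 1;         /* a real runtime would free(o) here */
}

/* Store a new object in an owning slot and release the old one
 * (models `.a.new(0)` on the outer variable a). */
static void slot_assign(Obj **slot, Obj *fresh) {
    Obj *old = *slot;
    *slot = fresh;
    if (old) obj_decref(old);
}

/* Read through a pointer (models `a<>`, or a member access through the
 * receiver). Returns 0 on success, -1 if the object is already freed. */
static int obj_read(const Obj *o, int *out) {
    if (o->freed) return -1;
    *out = o->value;
    return 0;
}

static Obj *global_a;         /* the outer `a` of the wiki examples */

/* Body of f from the wiki: reassign the outer a, then use the pushed reference
 * (the argument of f(a), or the receiver of a~f()). */
static int callee(Obj *pushed) {
    int v;
    slot_assign(&global_a, obj_new(0));   /* `.a.new(0);` */
    return obj_read(pushed, &v);          /* `a<> = 0;` / `b = 0;` */
}

/* Buggy convention: pushing onto the stack copies the pointer without taking a
 * reference, so the outer slot is the only owner. */
static int call_borrowed(void) {
    slot_assign(&global_a, obj_new(1));   /* `^int a.new(1);` */
    Obj *pushed = global_a;               /* refcount stays 1 */
    return callee(pushed);                /* -1: object was freed during the call */
}

/* Fixed convention: the stack slot takes a reference on push and releases it on
 * pop, so the object outlives the call even if the outer slot is reassigned. */
static int call_owned(void) {
    slot_assign(&global_a, obj_new(1));
    Obj *pushed = global_a;
    obj_incref(pushed);                   /* refcount 2: outer slot + stack frame */
    int r = callee(pushed);               /* 0: object still alive */
    obj_decref(pushed);                   /* frame popped; the old object is freed here */
    return r;
}

int main(void) {
    printf("borrowed push: %s\n", call_borrowed() == 0 ? "ok" : "use after free");
    printf("owned push:    %s\n", call_owned() == 0 ? "ok" : "use after free");
    return 0;
}
```

With `call_borrowed` the callee's reassignment of the outer slot drops the count to zero and the following read reports a dead object; with `call_owned` the frame holds its own reference until the call returns, so the callee sees a live object and the old one is released only when the frame is popped.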

Likewise, extending an appendable array of objects reallocates it; inside a member function of one of its elements, the pointers to that object's members still point into the freed storage:

```
%&C a.new[0].f();    // appendable array of C; call f on element 0

&C
{
    int b;

    public void f()
    {
        .a.new[9];   // extends the outer array; the element storage is reallocated and the old buffer freed
        b = 0;       // memory corruption: b lies in the freed buffer
    }
}
```
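The following C model is an added illustration, not code from the Interprete project. It shows the relocation problem behind both appendable-array cases above, the `int a=` reference parameter and the member access inside `f` of an array element: a reference lowered to a raw address into the element buffer goes stale when `.a.new[9]` moves the storage, while a reference lowered to (array, index) is resolved at each use and survives. The `IntArray`, `ElemRef` and `f_raw`/`f_handle` names are assumptions of the model; retired buffers are parked rather than `free()`d so the stale write can be observed instead of being undefined behaviour.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added model, not Interprete code: an appendable int array whose growth moves
 * the element storage. Old buffers are parked on a "retired" list instead of
 * being free()d, so a write through a stale reference can be observed rather
 * than being undefined behaviour. */
typedef struct {
    int *data;
    size_t len;
} IntArray;

#define MAX_RETIRED 16
static int *retired[MAX_RETIRED];   /* simulation of freed buffers */
static size_t n_retired;

/* Grow to new_len elements (new_len >= len). Always allocates a fresh buffer,
 * as a realloc() that cannot extend in place would; old cells are copied and
 * new cells are zero. */
static void array_grow(IntArray *a, size_t new_len) {
    int *fresh = calloc(new_len, sizeof *fresh);
    if (!fresh || new_len < a->len) abort();
    if (a->data) {
        memcpy(fresh, a->data, a->len * sizeof *fresh);
        if (n_retired == MAX_RETIRED) abort();   /* simulation limit */
        retired[n_retired++] = a->data;          /* "freed" */
    }
    a->data = fresh;
    a->len = new_len;
}

/* A by-reference element parameter that survives reallocation: the array and
 * the index, resolved to an address at each use. */
typedef struct { IntArray *arr; size_t index; } ElemRef;

static ElemRef elem_ref(IntArray *a, size_t i) {
    ElemRef r = { a, i };
    return r;
}

static int elem_write(ElemRef r, int v) {
    if (r.index >= r.arr->len) return -1;   /* index no longer valid */
    r.arr->data[r.index] = v;
    return 0;
}

static IntArray global_a;   /* the outer `a` of the wiki examples */

/* f from the wiki, `void f(int a=) { .a.new[9]; a = 0; }`, with the reference
 * parameter lowered to a raw pointer into the old buffer. */
static void f_raw(int *a) {
    array_grow(&global_a, 10);   /* `.a.new[9]`: storage moves */
    *a = 0;                      /* lands in the retired buffer */
}

/* Same f with the reference parameter lowered to (array, index). */
static void f_handle(ElemRef a) {
    array_grow(&global_a, 10);
    (void)elem_write(a, 0);      /* resolved against the new buffer */
}

/* Set up `%int a; a.new[0]` with a sentinel in a[0], call f, and return the
 * a[0] the caller sees afterwards. Buffers from earlier runs are leaked. */
static int run_raw(void) {
    memset(&global_a, 0, sizeof global_a);
    array_grow(&global_a, 1);
    global_a.data[0] = 7;
    f_raw(&global_a.data[0]);    /* `f(a.new[0]=)` as a raw address */
    return global_a.data[0];     /* 7: the write went to freed storage */
}

static int run_handle(void) {
    memset(&global_a, 0, sizeof global_a);
    array_grow(&global_a, 1);
    global_a.data[0] = 7;
    f_handle(elem_ref(&global_a, 0));
    return global_a.data[0];     /* 0: the write reached the live array */
}

/* Where the stale write landed: cell 0 of the most recently retired buffer. */
static int last_retired_elem0(void) {
    return n_retired ? retired[n_retired - 1][0] : -1;
}

int main(void) {
    int seen = run_raw();
    int stale = last_retired_elem0();
    printf("raw pointer: caller sees a[0] = %d, retired buffer holds %d\n", seen, stale);
    printf("handle:      caller sees a[0] = %d\n", run_handle());
    return 0;
}
```

In the raw-pointer run the caller still sees the sentinel 7 in `a[0]` and the 0 has gone into the retired buffer; in a real runtime that buffer is free memory, possibly already reused, which is the corruption the wiki notes describe. The (array, index) handle is resolved after the growth and so writes into the live array.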

Recursion through an anonymous function destroys the local variables and arguments of the enclosing invocation, so the result differs from the expected value:

```
void f()
{
    int a = 0;

    ~$int(int) d = [int(int b){
        int c = b;
        if(b == a) c += d(:b+1:);   // the recursive call overwrites this invocation's b and c
        ret b + c;
    }];

    int e = d(:a:);   // e becomes 3; the correct result is 2
}

f();
```
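The following C model is an added illustration, not code from the Interprete project. It interprets the body of `d` above under two frame-allocation policies, both assumptions of the model: one frame stored inside the function object and shared by all of its invocations, versus a fresh frame per call. The shared frame yields 4 here while the wiki reports 3 for the real interpreter; which wrong value comes out depends on which slots are shared and when they are read, but any result other than 2 means the outer invocation's `b` or `c` was destroyed by the inner one.

```c
#include <stdio.h>

/* Added model, not Interprete code: two ways an interpreter can store the
 * activation record of an anonymous function, interpreting the wiki's body
 *   d = [int(int b){ int c = b; if(b == a) c += d(:b+1:); ret b + c; }]
 * with the captured outer variable a == 0. */
typedef struct { int b; int c; } Frame;   /* argument b and local c */

typedef struct {
    int captured_a;   /* the outer `a` the anonymous function closes over */
    Frame shared;     /* buggy model: the one frame kept inside the function object */
} Closure;

/* Buggy: every invocation, the recursive one included, reads and writes the
 * same frame, so the inner call overwrites the outer call's b and c. */
static int call_shared_frame(Closure *d, int arg) {
    Frame *fr = &d->shared;
    fr->b = arg;                          /* argument stored into the shared frame */
    fr->c = fr->b;                        /* int c = b; */
    if (fr->b == d->captured_a) {
        int rec = call_shared_frame(d, fr->b + 1);   /* clobbers fr->b and fr->c */
        fr->c += rec;                     /* c += d(:b+1:); now adds to the inner call's c */
    }
    return fr->b + fr->c;                 /* ret b + c; with the inner call's b */
}

/* Fixed: a fresh frame per invocation, so the recursive call cannot touch the
 * caller's b and c. */
static int call_fresh_frame(Closure *d, int arg) {
    Frame fr;
    fr.b = arg;
    fr.c = fr.b;
    if (fr.b == d->captured_a) {
        int rec = call_fresh_frame(d, fr.b + 1);
        fr.c += rec;
    }
    return fr.b + fr.c;
}

/* `int e = d(:a:);` with a == 0 under each model. */
static int eval_e_shared(void) {
    Closure d = { 0, { 0, 0 } };
    return call_shared_frame(&d, d.captured_a);   /* 4 */
}

static int eval_e_fresh(void) {
    Closure d = { 0, { 0, 0 } };
    return call_fresh_frame(&d, d.captured_a);    /* 2 */
}

int main(void) {
    printf("shared frame: e = %d\n", eval_e_shared());
    printf("fresh frame:  e = %d\n", eval_e_fresh());
    return 0;
}
```

Walking the shared-frame model: the outer call stores `b = 0, c = 0`, the inner call overwrites them with `b = 1, c = 1` and returns 2, and the outer call then computes `c = 1 + 2` and returns `b + c = 1 + 3 = 4`. The fresh-frame model keeps the outer `b = 0` and `c = 0` intact and returns `0 + (0 + 2) = 2`.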
