Created
September 3, 2013 02:37
-
-
Save Rhomboid/6419142 to your computer and use it in GitHub Desktop.
Interesting integer signed overflow testcase
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <string.h> | |
| int main(void) | |
| { | |
| char t[] = "abcdefghijklmnopqrstuvwxyz"; | |
| for (int i = 0, n = strlen(t); i < n; i++) | |
| { | |
| if (t[i] >= 'a' && t[i] <= 'z') | |
| { | |
| while ((t[i] - 13) < 'a') | |
| { | |
| t[i] += 26; | |
| } | |
| printf("%c", (t[i] - 13)); | |
| } | |
| } | |
| printf("\n"); | |
| } | |
| // output with clang -std=c99 at any optimization level: | |
| // nopqrabcdabcdabcdefghijklm |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # clang -Os output: | |
| .file "20130902.c" | |
| .text | |
| .globl main | |
| .type main,@function | |
| main: # @main | |
| # BB#0: | |
| push EDI | |
| push ESI | |
| sub ESP, 52 | |
| lea ESI, DWORD PTR [ESP + 25] | |
| mov DWORD PTR [ESP], ESI | |
| mov DWORD PTR [ESP + 8], 27 | |
| mov DWORD PTR [ESP + 4], .Lmain.t | |
| call memcpy | |
| mov DWORD PTR [ESP], ESI | |
| call strlen | |
| mov ESI, EAX | |
| test ESI, ESI | |
| jle .LBB0_9 | |
| # BB#1: | |
| xor EDI, EDI | |
| mov AL, 97 | |
| jmp .LBB0_2 | |
| .LBB0_8: # %._crit_edge9 | |
| # in Loop: Header=BB0_2 Depth=1 | |
| mov AL, BYTE PTR [ESP + EDI + 25] | |
| .LBB0_2: # %.lr.ph5 | |
| # =>This Loop Header: Depth=1 | |
| # Child Loop BB0_4 Depth 2 | |
| mov CL, AL | |
| add CL, -97 | |
| cmp CL, 25 | |
| ja .LBB0_7 | |
| # BB#3: # %.preheader | |
| # in Loop: Header=BB0_2 Depth=1 | |
| movsx ECX, AL | |
| add ECX, -13 | |
| cmp ECX, 96 | |
| jg .LBB0_6 | |
| .LBB0_4: # %.lr.ph | |
| # Parent Loop BB0_2 Depth=1 | |
| # => This Inner Loop Header: Depth=2 | |
| add AL, 26 | |
| movsx ECX, AL | |
| add ECX, -13 | |
| cmp ECX, 97 | |
| jl .LBB0_4 | |
| # BB#5: # %._crit_edge | |
| # in Loop: Header=BB0_2 Depth=1 | |
| mov BYTE PTR [ESP + EDI + 25], AL | |
| .LBB0_6: # in Loop: Header=BB0_2 Depth=1 | |
| mov DWORD PTR [ESP], ECX | |
| call putchar | |
| .LBB0_7: # in Loop: Header=BB0_2 Depth=1 | |
| inc EDI | |
| cmp EDI, ESI | |
| jne .LBB0_8 | |
| .LBB0_9: # %._crit_edge6 | |
| mov DWORD PTR [ESP], 10 | |
| call putchar | |
| xor EAX, EAX | |
| add ESP, 52 | |
| pop ESI | |
| pop EDI | |
| ret | |
| .Ltmp0: | |
| .size main, .Ltmp0-main | |
| .type .Lmain.t,@object # @main.t | |
| .section .rodata.str1.1,"aMS",@progbits,1 | |
| .Lmain.t: | |
| .asciz "abcdefghijklmnopqrstuvwxyz" | |
| .size .Lmain.t, 27 | |
| .section ".note.GNU-stack","",@progbits |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment