blob: 7a2968b71be187f28f1d5f6c5f7857479ba7ca48 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
typedef struct {int dims[0]; } *A;
f(unsigned long obj)
{
unsigned char y = obj >> 24;
y &= ~4;
if ((y==0)||(y!=251 ))
abort();
if(((int)obj&7)!=7)return;
REST_OF_CODE_JUST_HERE_TO_TRIGGER_THE_BUG:
{
unsigned char t = obj >> 24;
if (!(t==0)&&(t<=0x03))
return 0;
return ((A)(obj&0x00FFFFFFL))->dims[1];
}
}
long g(){return 0xff000000L;}
main (){int x;f(g());exit(0);}
|