Description
Double free exploit code. On line 40, the first chunk is free but it was already done on line 37. Allocating the fifth chunk on line 39 causes memory to being split off from the thirf chunk and this result in the first chunk being moved to a regular bin.
From "Secure Coding in C and C++" by Robert C. Seacord.
Page 119, Figure 4-21
Flaws
Have any comments on this test case? Please, send us an email.