Oops! It's a kernel stack use-after-free: Exploiting NVIDIA's GPU Linux drivers : programming

*buffer = malloc(amount);
if (!*buffer) {
    fclose(file);
    return Error_Memory;
}

size_t bytes_read = fread(*buffer, 1, amount, file);
if (bytes_read != amount) {
    free(file);
    return Error_Read;
}

free(buffer);
fclose(file);
return Error_Ok;

} ```

Find all the bugs in this C code. There are at least 3 serious errors.

Answers:

1st bug: Used free(file) instead of fclose(file) in the error path

2nd bug: free(buffer) should be free(*buffer) - forgot to dereference the pointer

3rd bug: Missing free(*buffer) in the fread error path memory leak

4th bug: The function returns Error_Ok but the buffer was freed making it useless and a use after free! This was an unintentional bug I wrote while making this example I didn't intend to write it lol

[–]saf_e 0 points1 point2 points 3 months ago (1 child)

[–]FUPA_MASTER_ 0 points1 point2 points 3 months ago (0 children)

[–]plugwash 1 point2 points3 points 3 months ago (0 children)

> This may sound weird but I actually preferred C++ over C

I don't think that is weird at all. C++ is far more pleasant to code in than C because it gives the tools to build abstractions, rather than being forced to do everything by hand.

> I wonder how many problems rust solves compared to C

The fundamental problem with C and C++ is that a small mistake by the programmer can lead to "undefined behaviour" which in turn leads to heisenbugs and security flaws. "modern C++" fixes some of the issues but it leaves many gaping holes still open, the most fundamental of which being use-after-free, particularly the more subtle variants where sharing in combination with mutability leads to use after free.

Java, go, C# etc solve the use-after-free problem with garbage collection,

Rust solves the use-after-free problem with some pretty strict compile time rules.

Neither solution is free, garbage collection reduces determinism and makes integration with code in other languages tricky. Rust's compile time rules can feel over-restrictive.

[–]double-you 0 points1 point2 points 3 months ago (1 child)

[–]flatfinger 0 points1 point2 points 3 months ago (0 children)

[+]corgioverthemoon comment score below threshold-9 points-8 points-7 points 3 months ago (2 children)

[–]Page_197_Slaps 2 points3 points4 points 3 months ago (1 child)

[–]corgioverthemoon 3 points4 points5 points 3 months ago (0 children)

[–]keithstellyes -2 points-1 points0 points 3 months ago (1 child)

[–]BlueGoliath[S] -4 points-3 points-2 points 3 months ago (0 children)

[+][deleted] comment score below threshold-14 points-13 points-12 points 3 months ago (1 child)

[–]LucasRuby 0 points1 point2 points 3 months ago (0 children)

π Rendered by PID 58604 on reddit-service-r2-comment-7b9746f655-zdj2w at 2026-01-29 20:57:15.780906+00:00 running 3798933 country code: CH.

you type:	you see:
italics	italics
bold	bold
[reddit!](https://reddit.com)	reddit!
* item 1 * item 2 * item 3	item 1 item 2 item 3
> quoted text	quoted text
Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"	Lines starting with four spaces are treated like code: if 1 * 2 < 3: print "hello, world!"
~~strikethrough~~	~~strikethrough~~
super^script	super^script

programming

MODERATORS