{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 虎瘦雄心在 的问题《Does this code contain use-after-free?》','https://www.manongdao.com/q-1158515.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
int f2(char* x, int f) {
int i=0;
free(x);
if(f) {
printf("%s", x);
return 1;
}
return 0;
}
int main(int argc, char argv) {
char* x = malloc(10);
return f2(x, argc);
}
Is passing freed pointer to printf considered use-after free?
You'll get undefined behaviour (google that term) several times:
in
f2you are dereferencingxonce it has been freed, becauseprintfingxwith the%sformat specifier will dereferencex, or in other words it will access the memory pointed byx, and that memory will have undetermined content after callingfree.even if you remove the
free(x), you still get undefined behaviour, because then you areprintfingx, whilexis pointing to valid but non initialized memory.