/*
 * Taken from Very Secure FTPd
 * Licence: GPL
 * Author: Chris Evans
 * Modified: Jason Tishler
 *
 * Here are some routines providing the (possibly silly) concept of a secure
 * buffer. A secure buffer may not be overflowed. A single byte overflow
 * will cause the program to safely terminate.
 */

#include <unistd.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <stdlib.h>

void
vsf_secbuf_alloc(char** p_ptr, unsigned int size)
{
  unsigned int page_offset;
  unsigned int round_up;
  char* p_mmap;
  char* p_no_access_page;
  unsigned int page_size = getpagesize();

  /* Round up to next page size */
  page_offset = size % page_size;
  if (page_offset)
  {
    unsigned int num_pages = size / page_size;
    num_pages++;
    round_up = num_pages * page_size;
  }
  else
  {
    /* Allocation is on a page-size boundary */
    round_up = size;
  }
  /* Add on another two pages to make inaccessible */
  round_up += page_size * 2;

  p_mmap = mmap(0, round_up, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANON,
		-1, 0);
  /* Map the first and last page inaccessible */
  p_no_access_page = p_mmap + round_up - page_size;
  mprotect(p_no_access_page, page_size, PROT_NONE);
  p_no_access_page = p_mmap;
  mprotect(p_no_access_page, page_size, PROT_NONE);

  p_mmap += page_size;
  if (page_offset)
  {
    p_mmap += (page_size - page_offset);
  }
  *p_ptr = p_mmap;
}

int
main()
{
  char* p_sec_buf = 0;
  pid_t pid =0;

  vsf_secbuf_alloc(&p_sec_buf, 2000);
  pid = fork();
  if (pid > 0)
    wait(0);

  exit(0);
}