diff --git a/poc/1024DifferentPut.txt b/poc/1024DifferentPut.txt
new file mode 100644
index 0000000000000000000000000000000000000000..f344c2cb832ea9b0d5a4e79ebe78c4189e71c8e7
--- /dev/null
+++ b/poc/1024DifferentPut.txt
@@ -0,0 +1,1024 @@
+put 0 1 1
+put 1 1 1
+put 2 1 1
+put 3 1 1
+put 4 1 1
+put 5 1 1
+put 6 1 1
+put 7 1 1
+put 8 1 1
+put 9 1 1
+put 10 1 1
+put 11 1 1
+put 12 1 1
+put 13 1 1
+put 14 1 1
+put 15 1 1
+put 16 1 1
+put 17 1 1
+put 18 1 1
+put 19 1 1
+put 20 1 1
+put 21 1 1
+put 22 1 1
+put 23 1 1
+put 24 1 1
+put 25 1 1
+put 26 1 1
+put 27 1 1
+put 28 1 1
+put 29 1 1
+put 30 1 1
+put 31 1 1
+put 32 1 1
+put 33 1 1
+put 34 1 1
+put 35 1 1
+put 36 1 1
+put 37 1 1
+put 38 1 1
+put 39 1 1
+put 40 1 1
+put 41 1 1
+put 42 1 1
+put 43 1 1
+put 44 1 1
+put 45 1 1
+put 46 1 1
+put 47 1 1
+put 48 1 1
+put 49 1 1
+put 50 1 1
+put 51 1 1
+put 52 1 1
+put 53 1 1
+put 54 1 1
+put 55 1 1
+put 56 1 1
+put 57 1 1
+put 58 1 1
+put 59 1 1
+put 60 1 1
+put 61 1 1
+put 62 1 1
+put 63 1 1
+put 64 1 1
+put 65 1 1
+put 66 1 1
+put 67 1 1
+put 68 1 1
+put 69 1 1
+put 70 1 1
+put 71 1 1
+put 72 1 1
+put 73 1 1
+put 74 1 1
+put 75 1 1
+put 76 1 1
+put 77 1 1
+put 78 1 1
+put 79 1 1
+put 80 1 1
+put 81 1 1
+put 82 1 1
+put 83 1 1
+put 84 1 1
+put 85 1 1
+put 86 1 1
+put 87 1 1
+put 88 1 1
+put 89 1 1
+put 90 1 1
+put 91 1 1
+put 92 1 1
+put 93 1 1
+put 94 1 1
+put 95 1 1
+put 96 1 1
+put 97 1 1
+put 98 1 1
+put 99 1 1
+put 100 1 1
+put 101 1 1
+put 102 1 1
+put 103 1 1
+put 104 1 1
+put 105 1 1
+put 106 1 1
+put 107 1 1
+put 108 1 1
+put 109 1 1
+put 110 1 1
+put 111 1 1
+put 112 1 1
+put 113 1 1
+put 114 1 1
+put 115 1 1
+put 116 1 1
+put 117 1 1
+put 118 1 1
+put 119 1 1
+put 120 1 1
+put 121 1 1
+put 122 1 1
+put 123 1 1
+put 124 1 1
+put 125 1 1
+put 126 1 1
+put 127 1 1
+put 128 1 1
+put 129 1 1
+put 130 1 1
+put 131 1 1
+put 132 1 1
+put 133 1 1
+put 134 1 1
+put 135 1 1
+put 136 1 1
+put 137 1 1
+put 138 1 1
+put 139 1 1
+put 140 1 1
+put 141 1 1
+put 142 1 1
+put 143 1 1
+put 144 1 1
+put 145 1 1
+put 146 1 1
+put 147 1 1
+put 148 1 1
+put 149 1 1
+put 150 1 1
+put 151 1 1
+put 152 1 1
+put 153 1 1
+put 154 1 1
+put 155 1 1
+put 156 1 1
+put 157 1 1
+put 158 1 1
+put 159 1 1
+put 160 1 1
+put 161 1 1
+put 162 1 1
+put 163 1 1
+put 164 1 1
+put 165 1 1
+put 166 1 1
+put 167 1 1
+put 168 1 1
+put 169 1 1
+put 170 1 1
+put 171 1 1
+put 172 1 1
+put 173 1 1
+put 174 1 1
+put 175 1 1
+put 176 1 1
+put 177 1 1
+put 178 1 1
+put 179 1 1
+put 180 1 1
+put 181 1 1
+put 182 1 1
+put 183 1 1
+put 184 1 1
+put 185 1 1
+put 186 1 1
+put 187 1 1
+put 188 1 1
+put 189 1 1
+put 190 1 1
+put 191 1 1
+put 192 1 1
+put 193 1 1
+put 194 1 1
+put 195 1 1
+put 196 1 1
+put 197 1 1
+put 198 1 1
+put 199 1 1
+put 200 1 1
+put 201 1 1
+put 202 1 1
+put 203 1 1
+put 204 1 1
+put 205 1 1
+put 206 1 1
+put 207 1 1
+put 208 1 1
+put 209 1 1
+put 210 1 1
+put 211 1 1
+put 212 1 1
+put 213 1 1
+put 214 1 1
+put 215 1 1
+put 216 1 1
+put 217 1 1
+put 218 1 1
+put 219 1 1
+put 220 1 1
+put 221 1 1
+put 222 1 1
+put 223 1 1
+put 224 1 1
+put 225 1 1
+put 226 1 1
+put 227 1 1
+put 228 1 1
+put 229 1 1
+put 230 1 1
+put 231 1 1
+put 232 1 1
+put 233 1 1
+put 234 1 1
+put 235 1 1
+put 236 1 1
+put 237 1 1
+put 238 1 1
+put 239 1 1
+put 240 1 1
+put 241 1 1
+put 242 1 1
+put 243 1 1
+put 244 1 1
+put 245 1 1
+put 246 1 1
+put 247 1 1
+put 248 1 1
+put 249 1 1
+put 250 1 1
+put 251 1 1
+put 252 1 1
+put 253 1 1
+put 254 1 1
+put 255 1 1
+put 256 1 1
+put 257 1 1
+put 258 1 1
+put 259 1 1
+put 260 1 1
+put 261 1 1
+put 262 1 1
+put 263 1 1
+put 264 1 1
+put 265 1 1
+put 266 1 1
+put 267 1 1
+put 268 1 1
+put 269 1 1
+put 270 1 1
+put 271 1 1
+put 272 1 1
+put 273 1 1
+put 274 1 1
+put 275 1 1
+put 276 1 1
+put 277 1 1
+put 278 1 1
+put 279 1 1
+put 280 1 1
+put 281 1 1
+put 282 1 1
+put 283 1 1
+put 284 1 1
+put 285 1 1
+put 286 1 1
+put 287 1 1
+put 288 1 1
+put 289 1 1
+put 290 1 1
+put 291 1 1
+put 292 1 1
+put 293 1 1
+put 294 1 1
+put 295 1 1
+put 296 1 1
+put 297 1 1
+put 298 1 1
+put 299 1 1
+put 300 1 1
+put 301 1 1
+put 302 1 1
+put 303 1 1
+put 304 1 1
+put 305 1 1
+put 306 1 1
+put 307 1 1
+put 308 1 1
+put 309 1 1
+put 310 1 1
+put 311 1 1
+put 312 1 1
+put 313 1 1
+put 314 1 1
+put 315 1 1
+put 316 1 1
+put 317 1 1
+put 318 1 1
+put 319 1 1
+put 320 1 1
+put 321 1 1
+put 322 1 1
+put 323 1 1
+put 324 1 1
+put 325 1 1
+put 326 1 1
+put 327 1 1
+put 328 1 1
+put 329 1 1
+put 330 1 1
+put 331 1 1
+put 332 1 1
+put 333 1 1
+put 334 1 1
+put 335 1 1
+put 336 1 1
+put 337 1 1
+put 338 1 1
+put 339 1 1
+put 340 1 1
+put 341 1 1
+put 342 1 1
+put 343 1 1
+put 344 1 1
+put 345 1 1
+put 346 1 1
+put 347 1 1
+put 348 1 1
+put 349 1 1
+put 350 1 1
+put 351 1 1
+put 352 1 1
+put 353 1 1
+put 354 1 1
+put 355 1 1
+put 356 1 1
+put 357 1 1
+put 358 1 1
+put 359 1 1
+put 360 1 1
+put 361 1 1
+put 362 1 1
+put 363 1 1
+put 364 1 1
+put 365 1 1
+put 366 1 1
+put 367 1 1
+put 368 1 1
+put 369 1 1
+put 370 1 1
+put 371 1 1
+put 372 1 1
+put 373 1 1
+put 374 1 1
+put 375 1 1
+put 376 1 1
+put 377 1 1
+put 378 1 1
+put 379 1 1
+put 380 1 1
+put 381 1 1
+put 382 1 1
+put 383 1 1
+put 384 1 1
+put 385 1 1
+put 386 1 1
+put 387 1 1
+put 388 1 1
+put 389 1 1
+put 390 1 1
+put 391 1 1
+put 392 1 1
+put 393 1 1
+put 394 1 1
+put 395 1 1
+put 396 1 1
+put 397 1 1
+put 398 1 1
+put 399 1 1
+put 400 1 1
+put 401 1 1
+put 402 1 1
+put 403 1 1
+put 404 1 1
+put 405 1 1
+put 406 1 1
+put 407 1 1
+put 408 1 1
+put 409 1 1
+put 410 1 1
+put 411 1 1
+put 412 1 1
+put 413 1 1
+put 414 1 1
+put 415 1 1
+put 416 1 1
+put 417 1 1
+put 418 1 1
+put 419 1 1
+put 420 1 1
+put 421 1 1
+put 422 1 1
+put 423 1 1
+put 424 1 1
+put 425 1 1
+put 426 1 1
+put 427 1 1
+put 428 1 1
+put 429 1 1
+put 430 1 1
+put 431 1 1
+put 432 1 1
+put 433 1 1
+put 434 1 1
+put 435 1 1
+put 436 1 1
+put 437 1 1
+put 438 1 1
+put 439 1 1
+put 440 1 1
+put 441 1 1
+put 442 1 1
+put 443 1 1
+put 444 1 1
+put 445 1 1
+put 446 1 1
+put 447 1 1
+put 448 1 1
+put 449 1 1
+put 450 1 1
+put 451 1 1
+put 452 1 1
+put 453 1 1
+put 454 1 1
+put 455 1 1
+put 456 1 1
+put 457 1 1
+put 458 1 1
+put 459 1 1
+put 460 1 1
+put 461 1 1
+put 462 1 1
+put 463 1 1
+put 464 1 1
+put 465 1 1
+put 466 1 1
+put 467 1 1
+put 468 1 1
+put 469 1 1
+put 470 1 1
+put 471 1 1
+put 472 1 1
+put 473 1 1
+put 474 1 1
+put 475 1 1
+put 476 1 1
+put 477 1 1
+put 478 1 1
+put 479 1 1
+put 480 1 1
+put 481 1 1
+put 482 1 1
+put 483 1 1
+put 484 1 1
+put 485 1 1
+put 486 1 1
+put 487 1 1
+put 488 1 1
+put 489 1 1
+put 490 1 1
+put 491 1 1
+put 492 1 1
+put 493 1 1
+put 494 1 1
+put 495 1 1
+put 496 1 1
+put 497 1 1
+put 498 1 1
+put 499 1 1
+put 500 1 1
+put 501 1 1
+put 502 1 1
+put 503 1 1
+put 504 1 1
+put 505 1 1
+put 506 1 1
+put 507 1 1
+put 508 1 1
+put 509 1 1
+put 510 1 1
+put 511 1 1
+put 512 1 1
+put 513 1 1
+put 514 1 1
+put 515 1 1
+put 516 1 1
+put 517 1 1
+put 518 1 1
+put 519 1 1
+put 520 1 1
+put 521 1 1
+put 522 1 1
+put 523 1 1
+put 524 1 1
+put 525 1 1
+put 526 1 1
+put 527 1 1
+put 528 1 1
+put 529 1 1
+put 530 1 1
+put 531 1 1
+put 532 1 1
+put 533 1 1
+put 534 1 1
+put 535 1 1
+put 536 1 1
+put 537 1 1
+put 538 1 1
+put 539 1 1
+put 540 1 1
+put 541 1 1
+put 542 1 1
+put 543 1 1
+put 544 1 1
+put 545 1 1
+put 546 1 1
+put 547 1 1
+put 548 1 1
+put 549 1 1
+put 550 1 1
+put 551 1 1
+put 552 1 1
+put 553 1 1
+put 554 1 1
+put 555 1 1
+put 556 1 1
+put 557 1 1
+put 558 1 1
+put 559 1 1
+put 560 1 1
+put 561 1 1
+put 562 1 1
+put 563 1 1
+put 564 1 1
+put 565 1 1
+put 566 1 1
+put 567 1 1
+put 568 1 1
+put 569 1 1
+put 570 1 1
+put 571 1 1
+put 572 1 1
+put 573 1 1
+put 574 1 1
+put 575 1 1
+put 576 1 1
+put 577 1 1
+put 578 1 1
+put 579 1 1
+put 580 1 1
+put 581 1 1
+put 582 1 1
+put 583 1 1
+put 584 1 1
+put 585 1 1
+put 586 1 1
+put 587 1 1
+put 588 1 1
+put 589 1 1
+put 590 1 1
+put 591 1 1
+put 592 1 1
+put 593 1 1
+put 594 1 1
+put 595 1 1
+put 596 1 1
+put 597 1 1
+put 598 1 1
+put 599 1 1
+put 600 1 1
+put 601 1 1
+put 602 1 1
+put 603 1 1
+put 604 1 1
+put 605 1 1
+put 606 1 1
+put 607 1 1
+put 608 1 1
+put 609 1 1
+put 610 1 1
+put 611 1 1
+put 612 1 1
+put 613 1 1
+put 614 1 1
+put 615 1 1
+put 616 1 1
+put 617 1 1
+put 618 1 1
+put 619 1 1
+put 620 1 1
+put 621 1 1
+put 622 1 1
+put 623 1 1
+put 624 1 1
+put 625 1 1
+put 626 1 1
+put 627 1 1
+put 628 1 1
+put 629 1 1
+put 630 1 1
+put 631 1 1
+put 632 1 1
+put 633 1 1
+put 634 1 1
+put 635 1 1
+put 636 1 1
+put 637 1 1
+put 638 1 1
+put 639 1 1
+put 640 1 1
+put 641 1 1
+put 642 1 1
+put 643 1 1
+put 644 1 1
+put 645 1 1
+put 646 1 1
+put 647 1 1
+put 648 1 1
+put 649 1 1
+put 650 1 1
+put 651 1 1
+put 652 1 1
+put 653 1 1
+put 654 1 1
+put 655 1 1
+put 656 1 1
+put 657 1 1
+put 658 1 1
+put 659 1 1
+put 660 1 1
+put 661 1 1
+put 662 1 1
+put 663 1 1
+put 664 1 1
+put 665 1 1
+put 666 1 1
+put 667 1 1
+put 668 1 1
+put 669 1 1
+put 670 1 1
+put 671 1 1
+put 672 1 1
+put 673 1 1
+put 674 1 1
+put 675 1 1
+put 676 1 1
+put 677 1 1
+put 678 1 1
+put 679 1 1
+put 680 1 1
+put 681 1 1
+put 682 1 1
+put 683 1 1
+put 684 1 1
+put 685 1 1
+put 686 1 1
+put 687 1 1
+put 688 1 1
+put 689 1 1
+put 690 1 1
+put 691 1 1
+put 692 1 1
+put 693 1 1
+put 694 1 1
+put 695 1 1
+put 696 1 1
+put 697 1 1
+put 698 1 1
+put 699 1 1
+put 700 1 1
+put 701 1 1
+put 702 1 1
+put 703 1 1
+put 704 1 1
+put 705 1 1
+put 706 1 1
+put 707 1 1
+put 708 1 1
+put 709 1 1
+put 710 1 1
+put 711 1 1
+put 712 1 1
+put 713 1 1
+put 714 1 1
+put 715 1 1
+put 716 1 1
+put 717 1 1
+put 718 1 1
+put 719 1 1
+put 720 1 1
+put 721 1 1
+put 722 1 1
+put 723 1 1
+put 724 1 1
+put 725 1 1
+put 726 1 1
+put 727 1 1
+put 728 1 1
+put 729 1 1
+put 730 1 1
+put 731 1 1
+put 732 1 1
+put 733 1 1
+put 734 1 1
+put 735 1 1
+put 736 1 1
+put 737 1 1
+put 738 1 1
+put 739 1 1
+put 740 1 1
+put 741 1 1
+put 742 1 1
+put 743 1 1
+put 744 1 1
+put 745 1 1
+put 746 1 1
+put 747 1 1
+put 748 1 1
+put 749 1 1
+put 750 1 1
+put 751 1 1
+put 752 1 1
+put 753 1 1
+put 754 1 1
+put 755 1 1
+put 756 1 1
+put 757 1 1
+put 758 1 1
+put 759 1 1
+put 760 1 1
+put 761 1 1
+put 762 1 1
+put 763 1 1
+put 764 1 1
+put 765 1 1
+put 766 1 1
+put 767 1 1
+put 768 1 1
+put 769 1 1
+put 770 1 1
+put 771 1 1
+put 772 1 1
+put 773 1 1
+put 774 1 1
+put 775 1 1
+put 776 1 1
+put 777 1 1
+put 778 1 1
+put 779 1 1
+put 780 1 1
+put 781 1 1
+put 782 1 1
+put 783 1 1
+put 784 1 1
+put 785 1 1
+put 786 1 1
+put 787 1 1
+put 788 1 1
+put 789 1 1
+put 790 1 1
+put 791 1 1
+put 792 1 1
+put 793 1 1
+put 794 1 1
+put 795 1 1
+put 796 1 1
+put 797 1 1
+put 798 1 1
+put 799 1 1
+put 800 1 1
+put 801 1 1
+put 802 1 1
+put 803 1 1
+put 804 1 1
+put 805 1 1
+put 806 1 1
+put 807 1 1
+put 808 1 1
+put 809 1 1
+put 810 1 1
+put 811 1 1
+put 812 1 1
+put 813 1 1
+put 814 1 1
+put 815 1 1
+put 816 1 1
+put 817 1 1
+put 818 1 1
+put 819 1 1
+put 820 1 1
+put 821 1 1
+put 822 1 1
+put 823 1 1
+put 824 1 1
+put 825 1 1
+put 826 1 1
+put 827 1 1
+put 828 1 1
+put 829 1 1
+put 830 1 1
+put 831 1 1
+put 832 1 1
+put 833 1 1
+put 834 1 1
+put 835 1 1
+put 836 1 1
+put 837 1 1
+put 838 1 1
+put 839 1 1
+put 840 1 1
+put 841 1 1
+put 842 1 1
+put 843 1 1
+put 844 1 1
+put 845 1 1
+put 846 1 1
+put 847 1 1
+put 848 1 1
+put 849 1 1
+put 850 1 1
+put 851 1 1
+put 852 1 1
+put 853 1 1
+put 854 1 1
+put 855 1 1
+put 856 1 1
+put 857 1 1
+put 858 1 1
+put 859 1 1
+put 860 1 1
+put 861 1 1
+put 862 1 1
+put 863 1 1
+put 864 1 1
+put 865 1 1
+put 866 1 1
+put 867 1 1
+put 868 1 1
+put 869 1 1
+put 870 1 1
+put 871 1 1
+put 872 1 1
+put 873 1 1
+put 874 1 1
+put 875 1 1
+put 876 1 1
+put 877 1 1
+put 878 1 1
+put 879 1 1
+put 880 1 1
+put 881 1 1
+put 882 1 1
+put 883 1 1
+put 884 1 1
+put 885 1 1
+put 886 1 1
+put 887 1 1
+put 888 1 1
+put 889 1 1
+put 890 1 1
+put 891 1 1
+put 892 1 1
+put 893 1 1
+put 894 1 1
+put 895 1 1
+put 896 1 1
+put 897 1 1
+put 898 1 1
+put 899 1 1
+put 900 1 1
+put 901 1 1
+put 902 1 1
+put 903 1 1
+put 904 1 1
+put 905 1 1
+put 906 1 1
+put 907 1 1
+put 908 1 1
+put 909 1 1
+put 910 1 1
+put 911 1 1
+put 912 1 1
+put 913 1 1
+put 914 1 1
+put 915 1 1
+put 916 1 1
+put 917 1 1
+put 918 1 1
+put 919 1 1
+put 920 1 1
+put 921 1 1
+put 922 1 1
+put 923 1 1
+put 924 1 1
+put 925 1 1
+put 926 1 1
+put 927 1 1
+put 928 1 1
+put 929 1 1
+put 930 1 1
+put 931 1 1
+put 932 1 1
+put 933 1 1
+put 934 1 1
+put 935 1 1
+put 936 1 1
+put 937 1 1
+put 938 1 1
+put 939 1 1
+put 940 1 1
+put 941 1 1
+put 942 1 1
+put 943 1 1
+put 944 1 1
+put 945 1 1
+put 946 1 1
+put 947 1 1
+put 948 1 1
+put 949 1 1
+put 950 1 1
+put 951 1 1
+put 952 1 1
+put 953 1 1
+put 954 1 1
+put 955 1 1
+put 956 1 1
+put 957 1 1
+put 958 1 1
+put 959 1 1
+put 960 1 1
+put 961 1 1
+put 962 1 1
+put 963 1 1
+put 964 1 1
+put 965 1 1
+put 966 1 1
+put 967 1 1
+put 968 1 1
+put 969 1 1
+put 970 1 1
+put 971 1 1
+put 972 1 1
+put 973 1 1
+put 974 1 1
+put 975 1 1
+put 976 1 1
+put 977 1 1
+put 978 1 1
+put 979 1 1
+put 980 1 1
+put 981 1 1
+put 982 1 1
+put 983 1 1
+put 984 1 1
+put 985 1 1
+put 986 1 1
+put 987 1 1
+put 988 1 1
+put 989 1 1
+put 990 1 1
+put 991 1 1
+put 992 1 1
+put 993 1 1
+put 994 1 1
+put 995 1 1
+put 996 1 1
+put 997 1 1
+put 998 1 1
+put 999 1 1
+put 1000 1 1
+put 1001 1 1
+put 1002 1 1
+put 1003 1 1
+put 1004 1 1
+put 1005 1 1
+put 1006 1 1
+put 1007 1 1
+put 1008 1 1
+put 1009 1 1
+put 1010 1 1
+put 1011 1 1
+put 1012 1 1
+put 1013 1 1
+put 1014 1 1
+put 1015 1 1
+put 1016 1 1
+put 1017 1 1
+put 1018 1 1
+put 1019 1 1
+put 1020 1 1
+put 1021 1 1
+put 1022 1 1
+put 1023 1 1
diff --git a/src/1024DifferentPut/.DS_Store b/src/1024DifferentPut/.DS_Store
new file mode 100644
index 0000000000000000000000000000000000000000..5008ddfcf53c02e82d7eee2e57c38e5672ef89f6
Binary files /dev/null and b/src/1024DifferentPut/.DS_Store differ
diff --git a/src/1024DifferentPut/passbook.c b/src/1024DifferentPut/passbook.c
new file mode 100644
index 0000000000000000000000000000000000000000..ed91fb0bbd26f4fade04efd91134c7a91f56f967
--- /dev/null
+++ b/src/1024DifferentPut/passbook.c
@@ -0,0 +1,673 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <assert.h>
+#include <pwd.h>
+#include <unistd.h>
+
+#include "debug.h"
+
+#ifdef PASSBOOK_LIBFUZZER
+#include <stdint.h>
+const char LIBFUZZER_INPUT_FILE[] = "libFuzzerInput.tmp";
+/* turn off tracing to make it run faster */
+#define printf(...)
+#define fprintf(...)
+#endif
+
+const char INSTRUCTION_PUT[] = "put";
+
+const char INSTRUCTION_REM[] = "rem";
+
+const char INSTRUCTION_GET[] = "get";
+
+const char INSTRUCTION_SAVE[] = "save";
+
+const char INSTRUCTION_LIST[] = "list";
+
+const char INSTRUCTION_MASTERPW[] = "masterpw";
+
+/* a credential is a username/password pair */
+typedef struct {
+ char * username;
+ char * password;
+} cred_t;
+
+/* we store a mapping from URLs to credentials using a binary tree
+ to try to ensure log lookup performance */
+typedef struct node {
+ char * url;
+ cred_t cred;
+ // struct node *left;
+ // struct node *right;
+} node_t;
+
+#define MAP_NODE_NUM 1023
+
+static const node_t * lookup(const node_t *map, const char *url){
+ // while (p != NULL){
+ // int ret = strcmp(url,p->url);
+ // if (ret == 0){
+ // return p;
+ // }else if (ret < 0){
+ // p = p->left;
+ // }else{
+ // p = p->right;
+ // }
+ // }
+ // return p; // not found
+ if (map == NULL) {
+ map = (node_t *)calloc(MAP_NODE_NUM, sizeof(node_t));
+ assert(map != NULL);
+ }
+ for (int i = 0; i < MAP_NODE_NUM; i++) {
+ if ((map + i)->url == NULL) {
+ continue;
+ }
+ if (strcmp((map + i)->url,url) == 0) {
+ return (map + i);
+ }
+ }
+ return NULL;
+}
+
+
+
+static void node_print(const node_t *p){
+ printf("URL: %s, Username: %s, Password: %s\n",p->url,p->cred.username,p->cred.password);
+}
+
+// /* construct a new node */
+// static node_t *node_new(const char *url, const cred_t cred){
+// node_t *new = malloc(sizeof(node_t));
+// assert(new != NULL && "new: malloc failed");
+// new->url = strdup(url);
+// assert(new->url != NULL && "new: strdup url failed");
+// new->cred.username = strdup(cred.username);
+// assert(new->cred.username != NULL && "new: strdup username failed");
+// new->cred.password = strdup(cred.password);
+// assert(new->cred.password != NULL && "new: strdup password failed");
+// // new->left = NULL;
+// // new->right = NULL;
+// return new;
+// }
+
+// /* updates a node's credential in place:
+// replaces p's credential with that from q and frees q */
+// static void node_edit_cred(node_t * p, node_t *q){
+// free(p->cred.username);
+// free(p->cred.password);
+
+// p->cred.username = q->cred.username;
+// p->cred.password = q->cred.password;
+// free(q->url);
+// free(q);
+// }
+
+// static void node_free(node_t *p){
+// free(p->url);
+// free(p->cred.username);
+// free(p->cred.password);
+// free(p);
+// }
+
+/* insert q into p
+ we assume that if q has children then it cannot already
+ be present in p. Otherwise, if q has no children and we find its url in p,
+ then we edit the found entry in place while preserving its children */
+// static node_t * node_insert(node_t *map, node_t *q){
+ // if (p == NULL){
+ // return q;
+ // }
+ // if (q == NULL){
+ // return p;
+ // }
+ // /* we store a pointer to a node pointer that remembers where in the
+ // tree the new node needs to be added */
+ // node_t ** new = NULL;
+ // node_t * const start = p;
+ // while (new == NULL) {
+ // int ret = strcmp(q->url,p->url);
+ // if (ret == 0){
+ // assert (q->left == NULL && q->right == NULL && "illegal insertion");
+ // /* edit the node in place */
+ // node_edit_cred(p,q);
+ // /* q is now freed so cannot be used anymore */
+ // return start;
+ // }else if (ret < 0){
+ // if (p->left == NULL){
+ // new = &(p->left);
+ // }else{
+ // p = p->left;
+ // }
+ // }else{
+ // if (p->right == NULL){
+ // new = &(p->right);
+ // }else{
+ // p = p->right;
+ // }
+ // }
+ // }
+ // *new = q;
+ // return start;
+// }
+
+/* returns a pointer to the tree with the node added or with the existing
+ node updated if it was already present */
+static node_t * put(node_t *map, const char *url, const cred_t cred){
+ if (map == NULL) {
+ map = (node_t *)calloc(MAP_NODE_NUM, sizeof(node_t));
+ assert(map != NULL);
+ }
+ for (int i = 0; i < MAP_NODE_NUM; i++) {
+ if ((map + i)->url != NULL && strcmp((map + i)->url, url) == 0) {
+ free((map + i)->cred.password);
+ free((map + i)->cred.username);
+ (map + i)->cred.password = strdup(cred.password);
+ (map + i)->cred.username = strdup(cred.username);
+ return map;
+ }
+ }
+ int i = 0;
+ while (1) {
+ if ((map + i)->url == NULL)
+ {
+ (map + i)->cred.password = strdup(cred.password);
+ (map + i)->cred.username = strdup(cred.username);
+ (map + i)->url = strdup(url);
+ return map;
+ }
+ i++;
+ }
+ return map;
+}
+
+/* destroy tree rooted at p */
+static void destroy(node_t *map){
+ if(map == NULL) {
+ return;
+ }
+ for(int i = 0; i < MAP_NODE_NUM; i++) {
+ if ((map + i)->url != NULL) {
+ free((map + i)->url);
+ free((map + i)->cred.password);
+ free((map + i)->cred.username);
+ }
+ }
+ free(map);
+}
+
+/* returns a pointer to the tree with the node removed (if it was present) */
+static node_t * rem(node_t *map, const char *url){
+ // node_t * const start = p;
+ // /* remember where the pointer to p was stored */
+ // node_t ** pptr = NULL;
+ // while (p != NULL){
+ // int ret = strcmp(url,p->url);
+ // if (ret == 0){
+ // node_t * left = p->left;
+ // node_t * const right = p->right;
+ // left = node_insert(left,right);
+ // node_free(p);
+ // if (pptr != NULL){
+ // *pptr = left;
+ // return start;
+ // }else{
+ // /* p was the only node in the tree */
+ // assert(p == start);
+ // return left;
+ // }
+ // }else if (ret < 0){
+ // pptr = &(p->left);
+ // p = p->left;
+ // }else{
+ // pptr = &(p->right);
+ // p = p->right;
+ // }
+ // }
+ // return start; // not found
+ if (map == NULL) {
+ map = (node_t *)calloc(MAP_NODE_NUM, sizeof(node_t));
+ assert(map != NULL);
+ }
+ for (int i = 0; i < MAP_NODE_NUM; i++) {
+ if ((map + i)->url == NULL) {
+ continue;
+ }
+ if (strcmp((map + i)->url, url) == 0) {
+ free((map + i)->url);
+ (map + i)->url = NULL;
+ free((map + i)->cred.password);
+ free((map + i)->cred.username);
+ break;
+ }
+ }
+ return map;
+}
+
+const char WHITESPACE[] = " \t\r\n";
+
+
+/* tokenise a string, splitting on characters in WHITESPACE, up to
+ * a maxium of toksLen tokens, each of whose start addresses is put into
+ * toks and each of which is NUL-terminated in str.
+ * returns number of tokens found */
+unsigned int tokenise(char *str, char * toks[], unsigned int toksLen){
+ unsigned numToks = 0;
+ while (numToks < toksLen){
+ /* strip leading whitespace */
+ size_t start = strspn(str,WHITESPACE);
+ if (str[start] != '\0'){
+ toks[numToks] = &(str[start]);
+
+ /* compute the length of the token */
+ const size_t tokLen = strcspn(toks[numToks],WHITESPACE);
+ if (tokLen > 0){
+ toks[numToks][tokLen] = '\0';
+ str = &(toks[numToks][tokLen+1]);
+ numToks++;
+ }else{
+ return numToks;
+ }
+ }else{
+ return numToks;
+ }
+ }
+ return numToks;
+}
+
+#define MAX_LINE_LENGTH 1022
+#define MAX_INSTRUCTIONS 1024
+/* two extra chars in each line: the newline '\n' and NUL '\0' */
+#define INSTRUCTION_LENGTH (MAX_LINE_LENGTH+2)
+
+
+/* a global instruction buffer */
+char inst[INSTRUCTION_LENGTH];
+
+/* password mapping for each url: initially empty */
+node_t * map = NULL;
+
+/* a doubly-linked list of node pointers
+ is used to implement stacks/queues of nodes so we can implement various
+ tree traversal algorithms without using recursion (to avoid stack overflow
+ for very large trees). Stack overflow is a trivial form of memory-safety
+ vulnerability. */
+// typedef struct nodeptr_list_elem {
+// const node_t *p;
+// struct nodeptr_list_elem *next;
+// struct nodeptr_list_elem *prev;
+// } nodeptr_list_elem_t;
+
+// typedef struct nodeptr_list {
+// nodeptr_list_elem_t *head;
+// nodeptr_list_elem_t *last;
+// } nodeptr_list_t;
+
+
+// /* push an element p onto the front of a nodeptr list lst */
+// nodeptr_list_t list_push(nodeptr_list_t lst, const node_t *p){
+// nodeptr_list_elem_t *n = malloc(sizeof(nodeptr_list_elem_t));
+// assert(n != NULL && "push: malloc failed");
+// n->p = p;
+// n->next = lst.head;
+// n->prev = NULL;
+// if (lst.head != NULL){
+// assert(lst.last != NULL);
+// lst.head->prev = n;
+// }else{
+// assert(lst.last == NULL);
+// lst.last = n;
+// }
+// lst.head = n;
+
+// return lst;
+// }
+
+// /* when out is non-NULL we place a pointer to the first node into it.
+// assumption: lst.head and lst.last are non-NULL */
+// nodeptr_list_t list_pop(nodeptr_list_t lst, const node_t **out){
+// assert(lst.head != NULL && lst.last != NULL);
+// if (out != NULL){
+// *out = lst.head->p;
+// }
+// if (lst.last == lst.head){
+// free(lst.head);
+// lst.head = NULL;
+// lst.last = NULL;
+// }else{
+// nodeptr_list_elem_t *ret = lst.head->next;
+// free(lst.head);
+// lst.head = ret;
+// }
+// return lst;
+// }
+
+// /* when out is non-NULL we place a pointer to the last node into it.
+// assumption: lst.head and lst.last are non-NULL */
+// nodeptr_list_t list_dequeue(nodeptr_list_t lst, const node_t **out){
+// assert(lst.head != NULL && lst.last != NULL);
+// if (out != NULL){
+// *out = lst.last->p;
+// }
+
+// if (lst.last == lst.head){
+// free(lst.head);
+// lst.head = NULL;
+// lst.last = NULL;
+// }else{
+// nodeptr_list_elem_t *ret = lst.last->prev;
+// free(lst.last);
+// lst.last = ret;
+// }
+// return lst;
+// }
+
+/* in order traversal to print out nodes in sorted order. Is used to
+ implement listing of all entries in the passbook */
+void print_inorder(const node_t *map){
+ // nodeptr_list_t lst = {.head = NULL, .last = NULL};
+ // if (p != NULL){
+ // lst = list_push(lst,p);
+
+ // while(lst.head != NULL){
+ // // keep recursing left until we can go no further
+ // while (p->left != NULL){
+ // lst = list_push(lst,p->left);
+ // p = p->left;
+ // }
+
+ // // pop from the stack to simulate the return
+ // const node_t *q;
+ // lst = list_pop(lst,&q);
+
+ // // print the node following the return
+ // node_print(q);
+
+ // // simulate right recursive call
+ // if (q->right != NULL){
+ // lst = list_push(lst,q->right);
+ // p = q->right;
+ // }
+ // }
+ // }
+ if (map == NULL) {
+ return;
+ }
+ for (int i = 0; i < MAP_NODE_NUM; i++) {
+ if((map + i)->url == NULL) {
+ continue;
+ }
+ node_print((map + i));
+ }
+}
+
+/* save a node to the given file. We save to the file a "put" instruction
+ that will cause the node to be placed back into the passbook when the
+ file is read. */
+void node_save(const node_t *p, FILE *f){
+ fprintf(f,"%s",INSTRUCTION_PUT);
+ fprintf(f," ");
+ fprintf(f,"%s",p->url);
+ fprintf(f," ");
+ fprintf(f,"%s",p->cred.username);
+ fprintf(f," ");
+ fprintf(f,"%s",p->cred.password);
+ fprintf(f,"\n");
+}
+
+/* save the master password to the given file. We save a "masterpw"
+ instruction that will cause the passbook to prompt the user for the
+ given master password the next time the file is read */
+void masterpw_save(const char *pw, FILE *f){
+ fprintf(f,"%s",INSTRUCTION_MASTERPW);
+ fprintf(f," ");
+ fprintf(f,"%s",pw);
+ fprintf(f,"\n");
+}
+
+/* level order (i.e. breadth-first) traversal to print nodes out in the
+ order that they need to be put back in to an empty tree to ensure
+ that the resulting tree has the same structure as the original one.
+ This is how we save the passbook to a file.
+ Returns 0 on success; nonzero on failure */
+int save_levelorder(const node_t *map, const char *masterpw,
+ const char * filename){
+#ifdef PASSBOOK_FUZZ
+ // ignore the file name when fuzzing etc. to avoid DoS on the server
+ FILE *f = fopen("/dev/null","w");
+#else
+ FILE *f = fopen(filename,"w");
+#endif
+ if (f == NULL){
+ fprintf(stderr,"Couldn't open file %s for writing.\n",filename);
+ return -1;
+ }
+ masterpw_save(masterpw,f);
+ // nodeptr_list_t lst = {.head = NULL, .last = NULL};
+ // if (p != NULL){
+ // lst = list_push(lst,p);
+
+ // while(lst.last != NULL){
+ // lst = list_dequeue(lst,&p);
+ // node_save(p,f);
+ // if (p->left != NULL){
+ // lst = list_push(lst,p->left);
+ // }
+ // if (p->right != NULL){
+ // lst = list_push(lst,p->right);
+ // }
+ // }
+ // }
+ if (map == NULL) {
+ map = (node_t *)calloc(MAP_NODE_NUM, sizeof(node_t));
+ assert(map != NULL);
+ }
+ for(int i = 0; i < MAP_NODE_NUM; i++) {
+ if ((map + i)->url == NULL) {
+ continue;
+ }
+ node_save((map + i), f);
+ }
+ fclose(f);
+ return 0;
+}
+
+/* returns 0 on successful execution of the instruction in inst */
+static int execute(void){
+ char * toks[4]; /* these are pointers to start of different tokens */
+ const unsigned int numToks = tokenise(inst,toks,4);
+
+ if (numToks == 0){
+ /* blank line */
+ return 0;
+ }
+
+ if (strcmp(toks[0],INSTRUCTION_GET) == 0){
+ if (numToks != 2){
+ debug_printf("Expected 1 argument to %s instruction but instead found %u\n",INSTRUCTION_GET,numToks-1);
+ return -1;
+ }
+ debug_printf("Looking up: %s\n",toks[1]);
+ const node_t *p = lookup(map,toks[1]);
+ if (p != NULL){
+ node_print(p);
+ }else{
+ printf("Not found.\n");
+ }
+
+ } else if (strcmp(toks[0],INSTRUCTION_REM) == 0){
+ if (numToks != 2){
+ debug_printf("Expected 1 argument to %s instruction but instead found %u\n",INSTRUCTION_REM,numToks-1);
+ return -1;
+ }
+ debug_printf("Removing: %s\n",toks[1]);
+ map = rem(map,toks[1]);
+
+ } else if (strcmp(toks[0],INSTRUCTION_PUT) == 0){
+ if (numToks != 4){
+ debug_printf("Expected 3 arguments to %s instruction but instead found %u\n",INSTRUCTION_PUT,numToks-1);
+ return -1;
+ }
+ cred_t cred;
+ cred.username = toks[2];
+ cred.password = toks[3];
+ map = put(map,toks[1],cred);
+
+ } else if (strcmp(toks[0],INSTRUCTION_SAVE) == 0){
+ if (numToks != 3){
+ debug_printf("Expected 2 arguments to %s instruction but instead found %u\n",INSTRUCTION_SAVE,numToks-1);
+ return -1;
+ }
+ debug_printf("Saving under master password %s to file: %s\n",toks[1],toks[2]);
+ if (save_levelorder(map,toks[1],toks[2]) != 0){
+ debug_printf("Error saving to file %s\n",toks[2]);
+ return -1;
+ }
+
+ } else if (strcmp(toks[0],INSTRUCTION_MASTERPW) == 0){
+ if (numToks != 2){
+ debug_printf("Expected 1 argument to %s instruction but instead found %u\n",INSTRUCTION_MASTERPW,numToks-1); return -1;
+ }
+ // when fuzzing (or gathering coverage stats, etc.) don't check master pw
+#ifndef PASSBOOK_FUZZ
+ const char * pass = getpass("Enter master password: ");
+ if (pass == NULL || strcmp(pass,toks[1]) != 0){
+ fprintf(stderr,"Master password incorrect!\n");
+ exit(1); // exit immediately
+ }
+#else
+ return -1;
+#endif
+
+ } else if (strcmp(toks[0],INSTRUCTION_LIST) == 0){
+ if (numToks != 1){
+ debug_printf("Expected 0 arguments to %s instruction but instead found %u\n",INSTRUCTION_LIST,numToks-1);
+ return -1;
+ }
+ print_inorder(map);
+
+ }else{
+ debug_printf("Unrecognised instruction %s\n",toks[0]);
+ return -1;
+ }
+
+ return 0;
+}
+
+/* returns >=0 on success, in which case the number of instructions executed
+ is returned. Returns < 0 on failure. */
+static int run(FILE *f){
+ assert(f != NULL);
+
+ int instructionCount = 0;
+ while (instructionCount < MAX_INSTRUCTIONS){
+ memset(inst,0,sizeof(inst));
+ char * res = fgets(inst,sizeof(inst),f);
+ if (res == NULL){
+ if (feof(f)){
+ /* end of file */
+ return instructionCount;
+ }else{
+ debug_printf("Error while reading, having read %d lines\n",instructionCount);
+ return -1;
+ }
+ }
+ if (inst[MAX_LINE_LENGTH] != '\0'){
+ if (!(inst[MAX_LINE_LENGTH] == '\n' && inst[MAX_LINE_LENGTH+1] == '\0')){
+ fprintf(stderr,"Line %d exceeds maximum length (%d)\n",instructionCount+1,MAX_LINE_LENGTH);
+ debug_printf("(Expected at array index %d to find NUL but found '%c' (%d))\n",MAX_LINE_LENGTH,inst[MAX_LINE_LENGTH],inst[MAX_LINE_LENGTH]);
+ return -1;
+ }
+ }else{
+ /* inst[MAX_LINE_LENGTH] == '\0', so
+ strlen is guaranteed to be <= MAX_LINE_LENGTH
+ Check if it has a newline and add it if it needs it */
+ size_t len = strlen(inst);
+ if (len > 0){
+ if (inst[len-1] != '\n'){
+ inst[len] = '\n';
+ inst[len+1] = '\0';
+ }
+ }
+ }
+ instructionCount++;
+ int r = execute();
+ if (r != 0){
+ return -1;
+ }
+ }
+
+ if (feof(f)){
+ /* final line of file didn't have a trailing newline */
+ return instructionCount;
+ }else{
+ /* see if we are at end of file by trying to do one more read.
+ this is necessary if the final line of the file ends in a
+ newline '\n' character */
+ char c;
+ int res = fread(&c,1,1,f);
+ if (res == 1){
+ fprintf(stderr,"Number of instructions (lines) in file exceeds max (%d)\n",MAX_INSTRUCTIONS);
+ return -1;
+ }else{
+ if (feof(f)){
+ /* final read found the EOF, so all good */
+ return instructionCount;
+ }else{
+ /* probably won't ever get here */
+ debug_printf("Error while trying to test if line %d was empty\n",instructionCount+1);
+ return -1;
+ }
+ }
+ }
+}
+
+#ifdef PASSBOOK_LIBFUZZER
+int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
+ FILE *f = fopen(LIBFUZZER_INPUT_FILE,"w");
+ fwrite(Data,Size,1,f);
+ fclose(f);
+ f = fopen(LIBFUZZER_INPUT_FILE,"r");
+ run(f);
+ fclose(f);
+ destroy(map);
+ map = NULL;
+ return 0; /* libFuzzer wants 0 returned always */
+}
+#else
+int main(const int argc, const char * argv[]){
+ if (argc <= 1){
+ fprintf(stderr,"Usage: %s file1 file2 ...\n",argv[0]);
+ fprintf(stderr," use - to read from standard input\n");
+ exit(0);
+ }
+
+ for (int i = 1; i<argc; i++){
+ printf("Running on input file %s\n",argv[i]);
+ FILE *f;
+ if (strcmp(argv[i],"-") == 0){
+ f = stdin;
+ }else{
+ f = fopen(argv[i],"r");
+ if (f == NULL){
+ fprintf(stderr,"Error opening %s for reading\n",argv[i]);
+ destroy(map);
+ exit(1);
+ }
+ }
+ map = (node_t *)calloc(MAP_NODE_NUM, sizeof(node_t));
+ assert(map != NULL);
+ int ans = run(f);
+ if (ans < 0){
+ fprintf(stderr,"Error\n");
+ }
+ /* do not close stdin */
+ if (f != stdin){
+ fclose(f);
+ }
+ }
+ destroy(map);
+ return 0;
+}
+#endif