And here's an attack (freelist poisoning) against musl on Alpine (latest) :)pic.twitter.com/9xH41hKC4e
You can add location information to your Tweets, such as your city or precise location, from the web and via third-party applications. You always have the option to delete your Tweet location history. Learn more
You'd need to chain it with some kinda UAF vulnerability, for example.
The code above is itself use after free. There's free(p), and then *(p+1) is assigned a value. Or maybe I misunderstood it. I googled freelist poisoning, but all results are chemical poisons. Do you happen to know of a good article or a better search term?
The last malloc returned a pointer to foo. Thus, the code was able to arbitrarily write to memory (foo) given a UAF and otherwise legitimate application logic.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.