From 1c11b8a5e9e32ee69c927e1024223641a1ba344f Mon Sep 17 00:00:00 2001
From: York Jasper Niebuhr
Date: Fri, 3 Apr 2026 23:52:21 +0200
Subject: [PATCH] Expanded subject to expose nested datapin flaw
---
 subject/main.c | 10 ++++++++--
 subject/second.c | 11 ++++++++---
 subject/sub/second.c | 11 ++++++++---
 3 files changed, 24 insertions(+), 8 deletions(-)
diff --git a/subject/main.c b/subject/main.c
index abfc7d6..8a831d2 100644
--- a/subject/main.c
+++ b/subject/main.c
@@ -3,7 +3,9 @@
 #include "task_struct.h"
 int second_pid();
-int third_pid();
+const char* second_comm();
+int subsecond_pid();
+const char* subsecond_comm();
 struct task_struct global = { .pid = 42, .comm = "main_global" };
@@ -49,6 +51,10 @@ int main(void)
 size_t myOffset = ((size_t)&((struct task_struct*)0)->tasks);
 printf("DIY offsetof(task_struct, tasks) yiels %2llu\n", myOffset);
- return second_pid() * third_pid();
+ printf("Global: pid=%d comm=\"%s\"\n", global.pid, global.comm);
+ printf("Second global: pid=%d comm=\"%s\"\n", second_pid(), second_comm());
+ printf("Subsecond global: pid=%d comm=\"%s\"\n", subsecond_pid(), subsecond_comm());
+
+ return 0;
 }
diff --git a/subject/second.c b/subject/second.c
index 7f1993a..185d201 100644
--- a/subject/second.c
+++ b/subject/second.c
@@ -1,7 +1,12 @@
 #include "task_struct.h"
-static struct task_struct global = { .pid = 43, .comm = "third_global" };
+static struct task_struct global = { .pid = 43, .comm = "second_global" };
-int third_pid() {
- return global.pid;
+int second_pid() {
+ return global.pid;
 }
+
+const char* second_comm() {
+ return global.comm;
+}
+
diff --git a/subject/sub/second.c b/subject/sub/second.c
index 84fd473..0c1e851 100644
--- a/subject/sub/second.c
+++ b/subject/sub/second.c
@@ -1,7 +1,12 @@
 #include "task_struct.h"
-static struct task_struct global = { .pid = 0, .comm = "second_global" };
+static struct task_struct global = { .pid = 0, .comm = "subsecond_global" };
-int second_pid() {
- return global.pid;
+int subsecond_pid() {
+ return global.pid;
 }
+
+const char* subsecond_comm() {
+ return global.comm;
+}
+
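Review bot: The three new declarations `const char* second_comm();`, `int subsecond_pid();` and `const char* subsecond_comm();` (like the existing `int second_pid();` above them) are non-prototype declarations under C11, so the compiler cannot check the argument lists at the call sites in main; declare them as `const char* second_comm(void);`, `int subsecond_pid(void);` and `const char* subsecond_comm(void);`. The definitions in the subject/second.c and subject/sub/second.c hunks use the same empty `()` and should change in step. Since main.c already includes task_struct.h, these prototypes would be better kept in a shared header than repeated as ad hoc externs in main.c, which is how the old `third_pid` declaration went stale in the first place.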
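Review bot: The three added printf calls print `global.comm`, `second_comm()` and `subsecond_comm()` with `%s`, which requires each `comm` array to be NUL-terminated; task_struct.h is not in this patch, so if `comm` is a fixed-size char array that an initializer such as "subsecond_global" (the longest one introduced here) exactly fills, no terminator is stored and printf reads past the array. Confirm that the declared length of `comm` exceeds the longest initializer, or add a `_Static_assert` on `sizeof global.comm` next to the definition in main.c. The unchanged line just above passes a size_t to `%2llu`, a format mismatch that should become `%zu` while this block is being touched. main's body starts before this hunk.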
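Review bot: The hunk ends by adding an empty line after `second_comm`'s closing brace, leaving a trailing blank line at end of file; the subject/sub/second.c hunk does the same and both should drop it. This file now deliberately keeps a file-scope `static` named `global` alongside the non-static `global` in main.c and the identically named static in sub/second.c, which presumably is the point of the test subject, but nothing in the file says so; a comment above the definition such as `/* Intentionally the same name as the globals in main.c and sub/second.c: only linkage and path distinguish them. */` would stop a later cleanup from renaming it and silently defeating the test.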
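Review bot: The rewritten definition keeps `.pid = 0` for the sub/second.c global while main.c uses 42 and second.c uses 43, so a pid of 0 in the new "Subsecond global" output line cannot be told apart from a zero-initialized or mis-resolved object, which weakens the diagnostic this commit is meant to produce; a distinct nonzero value, e.g. `static struct task_struct global = { .pid = 44, .comm = "subsecond_global" };`, makes the three printed pids unambiguous. The empty `()` parameter lists on `subsecond_pid` and `subsecond_comm` are the non-prototype form already raised on the main.c declarations and should become `(void)` here as well.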