git.stella-ops.org/bench/reachability-benchmark/cases/c/unsafe-system/src/main.c

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

static int run_command(const char *user_cmd)
{
    char cmd[256];
    // Deliberately unsafe: user input embedded directly.
    snprintf(cmd, sizeof(cmd), "echo START && %s && echo END", user_cmd);
    return system(cmd);
}

int main(int argc, char **argv)
{
    if (argc < 2)
    {
        fprintf(stderr, "usage: %s <command>\n", argv[0]);
        return 1;
    }

    int rc = run_command(argv[1]);
    if (rc != 0)
    {
        fprintf(stderr, "command failed\n");
        return 2;
    }

    puts("done");
    return 0;
}