Displaying test cases 92626 - 92645 of 92645 in total
-
Command injection problems are a subset of injection problem, in which the process is tricked into calling external processes of the attackers choice through the injection of control-plane data into the data plane. (from TCCLASP-5_2_25_10)
-
Format string problems occur when a user has the ability to control or write completely the format string used to format data in the printf style family of C/ C++ functions. (from TCCLASP-5_2_23_10)
-
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as the POSIX malloc() call. (from TCCLASP-5_2_4_10)
-
State synchronization refers to a set of flaws involving contradictory states of execution in a process which result in undefined behavior. (from TCCLASP-5_4_1_10-C)
-
Nonces should be used for the present occasion and only once. (from TCCLASP-5_5_20_10-C)
-
The use of a hard-coded cryptographic key tremendously increases the possibility that encrypted data may be recovered (from TCCLASP-5_5_10_10-C)
-
Race conditions occur frequently in signal handlers, since they are asynchronous actions. These race conditions may have any number of root-causes and symptoms. (from TCCLASP-5_4_7_10)
-
If the variable which is switched on is changed while the switch statement is still in progress undefined activity may occur. (from TCCLASP-5_4_6_10)
-
Assumptions about protocol data or data stored in memory can be invalid, resulting in using data in ways that were unintended. (from TCCLASP-5_3_1_10)
-
Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion. (from TCCLASP-5_2_9_10)
-
Integer coercion refers to a set of flaws pertaining to the type casting, extension,or truncation of primitive data types. (from TCCLASP-5_2_8_10)[br][br]Duplicate code of Test Case 3
-
A stack overflow condition is a buffer overflow condition, where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). (from TCCLASP-5_2_3_10)
-
Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow. (from TCCLASP-5_2_2_10)
-
Freeing or deleting the same memory chunk twice may - when combined with other flaws - result in a write-what-where condition. (from TCCLASP-5_2_20_10)
-
A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold or when a program attempts to put data in a memory area past a buffer. In this case, a buffer is a sequential section of memory allocated to contain anything from a character string to an arra...
-
The use of heap allocated memory after it has been freed or deleted leads to undefined system behavior and, in many cases, to a write-what-where condition. (from TCCLASP-5_2_19_10)
-
Improper string length checking takes place when wide or multi-byte character strings are mistaken for standard character strings. (from TCCLASP-5_2_15_10)
-
Miscalculated null termination occurs when the placement of a null character at the end of a buffer of characters (or string) is misplaced or omitted. (from TCCLASP-5_2_14_9)
-
An unsigned-to-signed conversion error takes place when a large unsignedprimitive is used as an signed value - usually as a size variable. (from TCCLASP-5_2_12_10)[br][br]Duplicate code of Test Case 19
-
If one extends a signed number incorrectly, if negative numbers are used, an incorrect extension may result. (from TCCLASP-5_2_10_10)