Back to the previous page

Test Case ID	14
Bad / Good	Bad
Author	N/A
Associated test case	N/A
Contributor	SecureSoftware
Language	C
Type of test case	Source Code

Input string	N/A
Expected Output	N/A
Instructions	N/A
Submission date	2005-10-21
Description	A stack overflow condition is a buffer overflow condition, where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). (from TCCLASP-5_2_3_10)
Filename	./Stack_overflow.c (120 bytes)
Flaw	CWE-121: Stack-based Buffer Overflow at line 5 + Root CWE-019: Data Handling CWE-118: Improper Access of Indexable Resource (Range Error) CWE-119: Failure to Constrain Operations within the Bounds of an Allocated Memory Buffer CWE-120: Buffer Copy without Checking Size of Input CWE-121: Stack-based Buffer Overflow

>./Stack_overflow.c

/* Stack Overflow */
#define BUFSIZE 256
int main(int argc, char **argv) {
char buf[BUFSIZE];
strcpy(buf, argv[1]);
}
 
 
 