Back to the previous page

Test Case ID	16
Bad / Good	Bad
Author	N/A
Associated test case	N/A
Contributor	SecureSoftware
Language	C++
Type of test case	Source Code

Input string	N/A
Expected Output	N/A
Instructions	N/A
Submission date	2005-10-21
Description	A buffer underwrite condition occurs when a buffer is indexed with a negative number, or pointer arithmetic with a negative value results in a position before the beginning of the valid memory location. (from TCCLASP-5_2_5_9)
Filename	./Buffer_underwrite.cpp (219 bytes)
Flaw	CWE-119: Failure to Constrain Operations within the Bounds of an Allocated Memory Buffer at line 9 + Root CWE-019: Data Handling CWE-118: Improper Access of Indexable Resource (Range Error) CWE-119: Failure to Constrain Operations within the Bounds of an Allocated Memory Buffer

There is no comments :: Submit a comment ::

>./Buffer_underwrite.cpp

#include <iostream>
#include <string>
using namespace std;
 
int main() {
char destBuf[1024],srcBuf[1024];
string s1 = "This string is fair short.";
srcBuf[0]='\0';
strncpy(destBuf, &srcBuf[s1.find("abc")], 100); 
 
}
 
 
 
 