The SAMATE Project (NIST, Department of Homeland Security)

Test Case ID: 7 (Candidate)
Bad / Good / Mixed: Bad
Author: SecureSoftware
Associated test case: N/A
Contributor: SecureSoftware
Language: C
Type of test case: Source Code
Input string: N/A
Expected Output: N/A
Instructions: N/A
Submission date: 2005-10-21
Description: A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold or when a program attempts to put data in a memory area past a buffer. In this case, a buffer is a sequential section of memory allocated to contain anything from a character string to an array of integers. (from TCCLASP-5_2_1_10)
Filename
Flaw
  • CWE-119: Failure To Constrain Operations within the Bounds of an Allocated Memory Buffer at line 3


Buffer_overflow.c
  1. void example(char *s) {
  2.     char buf[1024];
  3.     strcpy(buf, s);
  4. }
  5.
  6. int main(int argc, char **argv) {
  7.     example(argv[1]);
  8. }
  9.
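
A bounds-checked counterpart to the bad test case above, added here as an example and not part of the SARD test case. The names `example_checked` and `BUF_SIZE` are assumptions made for illustration; the function rejects input that does not fit instead of copying it.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 1024 /* same capacity as buf in the test case */

/* Hypothetical hardened variant of example(): copies s into out only if
 * the string and its terminating NUL fit in out_size bytes.
 * Returns 0 on success, -1 on NULL input or oversized input (out untouched). */
int example_checked(const char *s, char *out, size_t out_size)
{
    const char *end;
    size_t len;

    if (s == NULL || out == NULL || out_size == 0)
        return -1;

    /* Look for the terminator within the first out_size bytes only.
     * No NUL in that window means the string cannot fit. */
    end = memchr(s, '\0', out_size);
    if (end == NULL)
        return -1;

    len = (size_t)(end - s);
    memcpy(out, s, len + 1); /* len + 1 <= out_size is guaranteed here */
    return 0;
}

int main(int argc, char **argv)
{
    char buf[BUF_SIZE];

    /* The test case passes argv[1] unchecked; it is NULL when no
     * argument is supplied. */
    if (argc < 2) {
        fprintf(stderr, "usage: %s <string>\n", argc > 0 ? argv[0] : "prog");
        return 1;
    }
    if (example_checked(argv[1], buf, sizeof buf) != 0) {
        fprintf(stderr, "input does not fit in %zu bytes\n", sizeof buf);
        return 1;
    }
    printf("copied %zu bytes\n", strlen(buf));
    return 0;
}
```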