Back to the previous page

Test Case ID	7
Bad / Good / Mixed	Bad
Author	SecureSoftware
Associated test case	N/A
Contributor	SecureSoftware
Language	C
Type of test case	Source Code

Input string	N/A
Expected Output	N/A
Instructions	N/A
Submission date	2005-10-21
Description	A buffer overflow condition exists when a program attempts to put more data in a buffer than it can hold or when a program attempts to put data in a memory area past a buffer. In this case, a buffer is a sequential section of memory allocated to contain anything from a character string to an array of integers. (from TCCLASP-5_2_1_10)
Filename	Buffer_overflow.c (113 bytes)
Flaw	CWE-119: Failure To Constrain Operations within the Bounds of an Allocated Memory Buffer at line 3 + Root CWE-019: Data Handling CWE-118: Improper Access of Indexable Resource (Range Error) CWE-119: Failure To Constrain Operations within the Bounds of an Allocated Memory Buffer

There are no comments :: Submit a comment

Buffer_overflow.c

void example(char *s) {
char buf[1024];
strcpy(buf, s);
}
 
int main(int argc, char **argv) {
example(argv[1]);
}
 