Description
tTflag Buffer Underrun: CVE-2001-0653.
From MIT benchmarks (models/sendmail/s6)
Due to a type casting side effect (assigning unsigned int to signed int), it is possible to write data to a negative index of a buffer.
Bad file: tTflag-bad.c
Bad line number: 170
To fix, declare indexes as unsigned int on line 122.
Taxonomy Classification: 0163400200210133011411
WRITE/READ = write
WHICH BOUND = lower
DATA TYPE = unsigned char
MEMORY LOCATION = bss
SCOPE = inter-file/global
CONTAINER = no
POINTER = no
INDEX COMPLEXITY = linear expr
ADDRESS COMPLEXITY = constant
LENGTH COMPLEXITY = N/A
ADDRESS ALIAS = yes, two levels
INDEX ALIAS = yes, one level
LOCAL CONTROL FLOW = none
SECONDARY CONTROL FLOW = if
LOOP STRUCTURE = while
LOOP COMPLEXITY = two
ASYNCHRONY = no
TAINT = argc/argv
RUNTIME ENV. DEPENDENCE = yes
MAGNITUDE = varies
CONTINUOUS/DISCRETE = continuous
SIGNEDNESS = yes
Flaws
Test Suites
Have any comments on this test case? Please, send us an email.