Package illustrating a test case

Test case 149139

Type: source code
Pairs: 149140-v1.0.0
State: bad
Author: NIST, Alexander Hoole, Aurelien Delaitre
Status: candidate
Language: C
Submission Date: 23 Mar 2015

Description

The test case shows how it is easy to get a buffer overflow if a string function is misused with an address alias level code complexity.

Flaws

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Have any comments on this test case? Please, send us an email.