National Institute of Standards and Technology
Package illustrating a test case

Test case 150078

Description

This test case implements two threads that do not use synchronization while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to ensure that the test case follows an exploiting or benign execution path, and the input string is used as shared data for the threads to act upon. When executing, the test case spawns two threads, one of which calculates an increment amount, and the other uses this increment amount to iterate through the shared input string setting each position to a '#'. If the calculated increment amount is negative, and the thread that uses it to iterate though the string does so before it is sanitized, the test case will underwrite its buffer, causing a segfault if it underwrites far enough.
Metadata
- Base program: Subversion
- Source Taint: SOCKET
- Data Type: SIMPLE
- Data Flow: BUFFER_ADDRESS_POINTER
- Control Flow: INDIRECTLY_RECURSIVE

Flaws

Test Suites

Documentation

Have any comments on this test case? Please, send us an email.