National Institute of Standards and Technology
Package illustrating a test case

Test case 1542


A string function is passed a value without format string. This can lead to a format string vulnerability if the value can be in control of a malicious user.
These test cases were graciously provided by Frederic Michaud of Defense Research & Development Canada - Valcartier.
Please see test case ID 000-001-518 for an executable suite of all the DRDC test cases.


Test Suites

Have any comments on this test case? Please, send us an email.