A string function is passed a value without format string. This can lead to a format string vulnerability if the value can be in control of a malicious user.
These test cases were graciously provided by Frederic Michaud of Defense Research & Development Canada - Valcartier.
Please see test case ID 000-001-518 for an executable suite of all the DRDC test cases.
Have any comments on this test case? Please, send us an email.