Description
This weakness takes an integer and string as input (int string) where the integer is the size of the array to sort for timing and the string is the data that is acted upon. The weakness spawns two threads, both of which in turn call the function 'arrFunc' which is non-reentrant. 'arrFunc' uses a static integer to iterate through the string which can lead to multiple increments of j per iteration of the for loop causing a StringIndexOutOfBoundsException if 'arrFunc' is run simultaneously by two or more threads.
Metadata
- Base program: Elastic Search
- Source Taint: ENVIRONMENT_VARIABLE
- Data Type: SIMPLE
- Data Flow: ADDRESS_AS_CONSTANT
- Control Flow: BREAK_WITH_LABEL
Flaws
Test Suites
Documentation
Have any comments on this test case? Please, send us an email.