National Institute of Standards and Technology
Package illustrating a test case

Test case 154407

Description

This test takes a filename that is used as a representation of an externally accessible and unrestricted mutex lock. The weakness will then attempt to grab this lock by checking for the files existence, and creating the file if it doesn't exist. If the file does exist, the weakness will hang until it is deleted, indefinitely.
Metadata
- Base program: Elastic Search
- Source Taint: ENVIRONMENT_VARIABLE
- Data Type: VOID_POINTER
- Data Flow: ADDRESS_AS_FUNCTION_RETURN_VALUE
- Control Flow: INDIRECTLY_RECURSIVE

Flaws

Test Suites

Documentation

Have any comments on this test case? Please, send us an email.