Description
This test takes in a char value from a taint source. The value is cast to a byte causing an unsigned to signed conversion. This value is then used to allocate an array. If the original char is >127 this will lead to a negative index for the array causing a NegativeArraySizeException.
Metadata
- Base program: Apache JMeter
- Source Taint: ENVIRONMENT_VARIABLE
- Data Type: SIMPLE
- Data Flow: BASIC
- Control Flow: SEQUENCE
Flaws
Test Suites
Documentation
Have any comments on this test case? Please, send us an email.