CWE: 121 Stack Based Buffer Overflow BadSource: Void pointer to a wchar_t array GoodSource: Void pointer to a char array Sinks: GoodSink: Allocate memory using wcslen() and copy data BadSink : Allocate memory using strlen() and copy data Flow Variant: 10 Control flow: if(globalTrue) and if...

CWE: 121 Stack Based Buffer Overflow BadSource: Void pointer to a wchar_t array GoodSource: Void pointer to a char array Sinks: GoodSink: Allocate memory using wcslen() and copy data BadSink : Allocate memory using strlen() and copy data Flow Variant: 09 Control flow: if(GLOBAL_CONST_TRUE)...

CWE: 121 Stack Based Buffer Overflow BadSource: Void pointer to a wchar_t array GoodSource: Void pointer to a char array Sinks: GoodSink: Allocate memory using wcslen() and copy data BadSink : Allocate memory using strlen() and copy data Flow Variant: 08 Control flow: if(staticReturnsTrue(...

CWE: 121 Stack Based Buffer Overflow BadSource: Void pointer to a wchar_t array GoodSource: Void pointer to a char array Sinks: GoodSink: Allocate memory using wcslen() and copy data BadSink : Allocate memory using strlen() and copy data Flow Variant: 07 Control flow: if(staticFive==5) and...

CWE: 121 Stack Based Buffer Overflow BadSource: Void pointer to a wchar_t array GoodSource: Void pointer to a char array Sinks: GoodSink: Allocate memory using wcslen() and copy data BadSink : Allocate memory using strlen() and copy data Flow Variant: 06 Control flow: if(STATIC_CONST_FIVE=...

CWE: 121 Stack Based Buffer Overflow BadSource: Void pointer to a wchar_t array GoodSource: Void pointer to a char array Sinks: GoodSink: Allocate memory using wcslen() and copy data BadSink : Allocate memory using strlen() and copy data Flow Variant: 05 Control flow: if(staticTrue) and if...

CWE: 121 Stack Based Buffer Overflow BadSource: Void pointer to a wchar_t array GoodSource: Void pointer to a char array Sinks: GoodSink: Allocate memory using wcslen() and copy data BadSink : Allocate memory using strlen() and copy data Flow Variant: 04 Control flow: if(STATIC_CONST_TRUE)...

CWE: 121 Stack Based Buffer Overflow BadSource: Void pointer to a wchar_t array GoodSource: Void pointer to a char array Sinks: GoodSink: Allocate memory using wcslen() and copy data BadSink : Allocate memory using strlen() and copy data Flow Variant: 03 Control flow: if(5==5) and if(5!=5)

CWE: 121 Stack Based Buffer Overflow BadSource: Void pointer to a wchar_t array GoodSource: Void pointer to a char array Sinks: GoodSink: Allocate memory using wcslen() and copy data BadSink : Allocate memory using strlen() and copy data Flow Variant: 02 Control flow: if(1) and if(0)

CWE: 121 Stack Based Buffer Overflow BadSource: Void pointer to a wchar_t array GoodSource: Void pointer to a char array Sinks: GoodSink: Allocate memory using wcslen() and copy data BadSink : Allocate memory using strlen() and copy data Flow Variant: 01 Baseline

CVE-2013-1579

Defect Type: Stack related defects Defect Sub-type: Stack underrun Description: Defect Free Code to identify false positives in stack underrun conditions The test case contains coincidental weaknesses along with intended ones as follows for file st_underrun.c: * line(s): 51,235,237 CWE-124 * line...

Defect Type: Stack related defects Defect Sub-type: Stack underrun The test case contains coincidental weaknesses along with intended ones as follows for file st_underrun.c: * line(s): 25,51,92,130,150,193 CWE-835 * line(s): 193,195,204 CWE-121 * line(s): 195,227 CWE-124 * line(s): 247 CWE-561

Defect Type: Stack related defects Defect Sub-type: Stack overflow

Defect Type: Static memory defects Defect Sub-type: Static buffer overrun Description: Defect Free Code to identify false positives in static buffer overrun The test case contains coincidental weaknesses along with intended ones as follows for file overrun_st.c: * line(s): 22,33,45,56,67,78,89,10...

Defect Type: Static memory defects Defect Sub-type: Static buffer overrun The test case contains coincidental weaknesses along with intended ones as follows for file overrun_st.c: * line(s): 22,33,45,56,67,78,89,100,111,170,183,195,207,223,251,265,281,294,307,321,334,347,360,373,388,403,429,444,4...

Defect Type: Resource management defects Defect Sub-type: Memory allocation failure Description: Defect Free Code to identify false positives while memory_allocation_failure - Memory could not be allocated / insufficient memory Created on: Oct 14, 2013 Author: hemalatha The test case contains co...

Defect Type: Resource management defects Defect Sub-type: Memory allocation failure Description: memory_allocation_failure - Memory could not be allocated / insufficient memory Created on: Oct 14, 2013 Author: hemalatha The test case contains coincidental weaknesses along with intended ones as f...

Defect Type: Dynamic memory defects Defect Sub-type: Dynamic buffer overrun Created on: Sep 27, 2012 Author: caesaru01 The test case contains coincidental weaknesses along with intended ones as follows for file buffer_overrun_dynamic.c: * line(s): 145,151,153,173,434,511,513,550,558 CWE-476 * lin...

No buffer overflow even if the input is not validated. Every operation may write outside the bound of the statically allocated character array.

Buffer overflow if the input is not validated. Every operation may write outside the bound of the statically allocated character array.

The test case avoids a Stack Overflow by fixing a bad loop exit condition (and start index).

The test case shows a Stack Overflow with a bad loop exit condition (and start index).

The test case avoids a Stack Overflow by fixing a bad array index.

The test case shows a Stack Overflow with an off-by-one array index.