CWE: 127 Buffer Under-read BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sink: cpy BadSink : Copy data to string using wcscpy Flow Variant: 51 Data flow: data passed as an argument from one function to another i...

CWE: 127 Buffer Under-read BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sink: ncpy BadSink : Copy data to string using strncpy Flow Variant: 07 Control flow: if(staticFive==5) and if(staticFive!=5)

CWE: 126 Buffer Overread Sinks: strncpy GoodSink: Copy a string using wcsncpy() with explicit null termination BadSink : Copy a string using wcsncpy() without explicit null termination Flow Variant: 16 Control flow: while(1)

CWE: 126 Buffer Overread Sinks: strncpy GoodSink: Copy a string using wcsncpy() with explicit null termination BadSink : Copy a string using wcsncpy() without explicit null termination Flow Variant: 15 Control flow: switch(6)

CWE: 124 Buffer Underwrite BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sinks: memmove BadSink : Copy string to data using memmove Flow Variant: 31 Data flow using a copy of data within the same function

CWE: 122 Heap Based Buffer Overflow BadSource: Allocate using malloc() and set data pointer to a small buffer GoodSource: Allocate using malloc() and set data pointer to a large buffer Sink: cpy BadSink : Copy string to data using strcpy Flow Variant: 68 Data flow: data passed as a global v...

CWE: 122 Heap Based Buffer Overflow BadSource: Allocate using malloc() and set data pointer to a small buffer GoodSource: Allocate using malloc() and set data pointer to a large buffer Sink: ncat BadSink : Copy string to data using wcsncat Flow Variant: 53 Data flow: data passed as an argum...

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: cpy BadSink : Copy data to string using strcpy Flow Variant: 12 Control flow: if(globalReturnsTrueOrFalse())

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: cpy BadSink : Copy data to string using strcpy Flow Variant: 09 Control flow: if(GLOBAL_CONST_TRUE) and if(GLOBAL_CONST_FALSE)

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: cat BadSink : Copy data to string using strcat Flow Variant: 12 Control flow: if(globalReturnsTrueOrFalse())

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: cpy BadSink : Copy string to data using wcscpy Flow Variant: 04 Control flow: if(STATIC_CONST_TRUE) and if(STATIC_CONST_FALSE)

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: memcpy BadSink : Copy data to string using memcpy Flow Variant: 68 Data flow: data passed as a global variable from one function to another in different sour...

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sinks: loop BadSink : Copy data to string using a loop Flow Variant: 44 Data/control flow: data passed as an argument from one function to a function in the same s...

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: memmove BadSink : Copy string to data using memmove Flow Variant: 03 Control flow: if(5==5) and if(5!=5)

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: snprintf BadSink : Copy string to data using snprintf Flow Variant: 13 Control flow: if(GLOBAL_CONST_FIVE==5) and if(GLOBAL_CONST_FIVE!=5)

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: ncat BadSink : Copy string to data using strncat Flow Variant: 07 Control flow: if(staticFive==5) and if(staticFive!=5)

CWE: 121 Stack Based Buffer Overflow BadSource: Point data to a buffer that does not have space for a NULL terminator GoodSource: Point data to a buffer that includes space for a NULL terminator Sink: memmove BadSink : Copy string to data using memmove() Flow Variant: 07 Control flow: if(st...

CWE: 114 Process Control BadSource: listen_socket Read data using a listen socket (server side) GoodSource: Hard code the full pathname to the library Sinks: BadSink : Load a dynamic link library Flow Variant: 34 Data flow: use of a union containing two methods of accessing the same data (wi...

CWE: 114 Process Control BadSource: listen_socket Read data using a listen socket (server side) GoodSource: Hard code the full pathname to the library Sink: BadSink : Load a dynamic link library Flow Variant: 13 Control flow: if(GLOBAL_CONST_FIVE==5) and if(GLOBAL_CONST_FIVE!=5)

Pointer to allocated memory is not returned in function foo2(), and memory cannot be subsequently freed.

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = variable, Address complexity = con...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = variable, Address complexity = con...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = constant, Address complexity = con...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = linear expression, Address complex...

An strcpy overflows a stack buffer. A check was made to avoid an overflow condition but the check is off by one. PLOVER: BUFF.OVER