CWE: 127 Buffer Under-read BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sink: ncpy BadSink : Copy data to string using wcsncpy Flow Variant: 18 Control flow: goto statements

CWE: 127 Buffer Under-read BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sink: ncpy BadSink : Copy data to string using wcsncpy Flow Variant: 09 Control flow: if(GLOBAL_CONST_TRUE) and if(GLOBAL_CONST_FALSE)

CWE: 127 Buffer Under-read BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sink: loop BadSink : Copy data to string using a loop Flow Variant: 09 Control flow: if(GLOBAL_CONST_TRUE) and if(GLOBAL_CONST_FALSE)

CWE: 126 Buffer Over-read BadSource: Set data pointer to a small buffer GoodSource: Set data pointer to a large buffer Sink: memcpy BadSink : Copy data to string using memcpy Flow Variant: 10 Control flow: if(globalTrue) and if(globalFalse)

CWE: 126 Buffer Over-read BadSource: Set data pointer to a small buffer GoodSource: Set data pointer to a large buffer Sinks: memcpy BadSink : Copy data to string using memcpy Flow Variant: 34 Data flow: use of a union containing two methods of accessing the same data (within the same funct...

CWE: 122 Heap Based Buffer Overflow BadSource: Allocate using malloc() and set data pointer to a small buffer GoodSource: Allocate using malloc() and set data pointer to a large buffer Sink: loop BadSink : Copy int array to data using a loop Flow Variant: 54 Data flow: data passed as an arg...

CWE: 122 Heap Based Buffer Overflow BadSource: Allocate memory without using sizeof(int) GoodSource: Allocate memory using sizeof(int) Sinks: memcpy BadSink : Copy array to data using memcpy() Flow Variant: 67 Data flow: data passed in a struct from one function to another in different sour...

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: cpy BadSink : Copy data to string using strcpy Flow Variant: 52 Data flow: data passed as an argument from one function to another to another in three differ...

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sinks: cat BadSink : Copy data to string using strcat Flow Variant: 65 Data/control flow: data passed as an argument from one function to a function in a different...

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: cpy BadSink : Copy string to data using wcscpy Flow Variant: 16 Control flow: while(1)

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sinks: cat BadSink : Copy string to data using strcat Flow Variant: 65 Data/control flow: data passed as an argument from one function to a function in a differ...

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: memcpy BadSink : Copy data to string using memcpy Flow Variant: 08 Control flow: if(staticReturnsTrue()) and if(staticReturnsFalse())

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: ncat BadSink : Copy string to data using wcsncat Flow Variant: 17 Control flow: for loops

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: loop BadSink : Copy string to data using a loop Flow Variant: 32 Data flow using two pointers to the same value within the same function

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: memcpy BadSink : Copy int array to data using memcpy Flow Variant: 13 Control flow: if(GLOBAL_CONST_FIVE==5) and if(GLOBAL_CONST_FIVE!=5)

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: ncpy BadSink : Copy string to data using strncpy Flow Variant: 54 Data flow: data passed as an argument from one function through three others to a fifth;...

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: memmove BadSink : Copy string to data using memmove Flow Variant: 14 Control flow: if(globalFive==5) and if(globalFive!=5)

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: snprintf BadSink : Copy string to data using snprintf Flow Variant: 51 Data flow: data passed as an argument from one function to another in different sou...

CWE: 121 Stack Based Buffer Overflow BadSource: connect_socket Read data using a connect socket (client side) GoodSource: Larger than zero but less than 10 Sinks: GoodSink: Ensure the array index is valid BadSink : Improperly check the array index by not checking the upper bound Flow Varian...

CWE: 114 Process Control BadSource: relativePath Hard code the relative pathname to the library GoodSource: Hard code the full pathname to the library Sinks: BadSink : Load a dynamic link library Flow Variant: 61 Data flow: data returned from one function to another in different source files

CWE: 114 Process Control BadSource: console Read input from the console GoodSource: Hard code the full pathname to the library Sink: BadSink : Load a dynamic link library Flow Variant: 05 Control flow: if(staticTrue) and if(staticFalse)

unlocked shared resource. PLOVER: RACE, BUFF.OVER

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = variable, Address complexity = con...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = variable, Address complexity = con...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = constant, Address complexity = con...