Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Read, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = constant, Address complexity = cons...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Read, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = constant, Address complexity = cons...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Read, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = constant, Address complexity = cons...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = constant, Address complexity = con...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = constant, Address complexity = con...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = constant, Address complexity = con...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = constant, Address complexity = con...

Sensitive data from getpass is output with syslog. PLOVER: INFO.LEAK

Sensitive data from getpass is output with printf. PLOVER: INFO.LEAK

Execl() is called with user-provided data. PLOVER: CODE.EVAL

A sprintf based on a guarded format string miscalculates the size and allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC

sprintf allows a stack buffer to be overrun. PLOVER: BUFF.OVER

snprintf is used repeatedly while keeping track of the residual buffer length, however an accounting error allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC

snprintf with incorrect bounds allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC

snprintf with incorrect bounds allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC

snprintf with incorrect bounds allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC

An strcpy overflows a stack buffer. A check was made to avoid an overflow condition but the check is off by one. PLOVER: BUFF.OVER

An strcpy overflows a stack buffer. PLOVER: BUFF.OVER

A strcpy of a buffer with a missing NUL character causes a stack buffer to overflow. PLOVER: BUFF.OVER, BUFF.FORMAT

A strcpy of a buffer with a missing NUL character causes a stack buffer to overflow. PLOVER: BUFF.OVER, BUFF.FORMAT

malloc"d data is never freed and all pointers to the data are lost. PLOVER: RES.MEMLEAK

integer overflow results in a short malloc and an overflow. PLOVER: NUM.OVERFLOW, BUFF.OVER

fgets is called with an incorrect bounds allow a stack buffer to be overrun. PLOVER: BUFF.OVER

gets used on user input. PLOVER: BUFF.OVER

A chroot() is performed without a chdir(). PLOVER:CP.UPATH.ELEMENT