Displaying test cases 92601 - 92625 of 92645 in total
-
Using the value of an uninitialized variable is not safe. (from TCCLASP-5_6_4_10)
-
The use of a hard-coded password increases the possibility of password guessing tremendously. (from TCCLASP-5_5_9_10-C)
-
In C and C++, one may often accidentally refer to the wrong memory due to the semantics of when math operations are implicitly scaled. (from TCCLASP-5_6_9_10)
-
malloc'd data is freed more than once. PLOVER: MISC.DFREE
-
Syslog is called with a user-supplied format string. An attempt was made to preformat the buffer, but the vulnerability remains. PLOVER: BUFF.OVER, BUFF.FORMAT
-
Printf is called with a user-supplied format string. PLOVER: BUFF.OVER, BUFF.FORMAT
-
The accidental addition of a data-structure sentinel can cause serious programming logic problems. (from TCCLASP-5_6_7_10)
-
If a function's return value is not checked, it could have failed without any warning. (from TCCLASP-5_6_1_9)
-
If too few arguments are sent to a function, the function will still pop the expected number of arguments from the stack. Potentially, a variable number of arguments could be exhausted in a function as well. (from TCCLASP-5_6_2_10)
-
Tempfile creation should be done in a safe way. To be safe, the temp file function should open up the temp file with appropriate access control. The temp file function should also retain this quality, while being resistant to race conditions. (from TCCLASP-5_6_20_10)
-
Not using a random initialization vector with Cipher Block Chaining (CBC) Mode causes algorithms to be susceptible to dictionary attacks. (from TCCLASP-5_5_22_10-C)
-
The accidental deletion of a can cause serious programming logic problems. (from TCCLASP-5_6_6_10)
-
If a function's return value is not properly checked, the function could have failed without proper acknowledgement. (from TCCLASP-5_6_3_10)
-
A strcpy of a buffer with a missing NUL character causes a stack buffer to overflow. PLOVER: BUFF.OVER, BUFF.FORMAT
-
A strcpy of a buffer with a missing NUL character causes a stack buffer to overflow. PLOVER: BUFF.OVER, BUFF.FORMAT
-
malloc'd data is never freed and all pointers to the data are lost. PLOVER: RES.MEMLEAK
-
Integer overflow results in a short malloc and an overflow. PLOVER: NUM.OVERFLOW, BUFF.OVER
-
fgets is called with an incorrect bound, allowing a stack buffer to be overrun. PLOVER: BUFF.OVER
-
gets used on user input. PLOVER: BUFF.OVER
-
Syslog is called with a user-supplied format string. PLOVER: BUFF.OVER, BUFF.FORMAT
-
A chroot() is performed without a chdir(). PLOVER: CP.UPATH.ELEMENT
-
An ad-hoc string copy without bounds check overflows a stack buffer. PLOVER: BUFF.OVER
-
An ad hoc gets without bounds checks allows a stack buffer to be overrun. PLOVER CLASS: BUFF.OVER
-
Running sizeof() on a malloced pointer type will always return the wordsize/8. (from TCCLASP-5_6_8_10)
-
Sometimes an error is detected, and bad or no action is taken. (from TCCLASP-5_6_19_10)