CWE: 127 Buffer Under-read BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sink: cpy BadSink : Copy data to string using wcscpy Flow Variant: 07 Control flow: if(staticFive==5) and if(staticFive!=5)

CWE: 127 Buffer Under-read BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sink: memcpy BadSink : Copy data to string using memcpy Flow Variant: 52 Data flow: data passed as an argument from one function to anothe...

CWE: 126 Buffer Over-read BadSource: Use a small buffer GoodSource: Use a large buffer Sinks: loop BadSink : Copy data to string using a loop Flow Variant: 31 Data flow using a copy of data within the same function

CWE: 124 Buffer Underwrite BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sinks: ncpy BadSink : Copy string to data using wcsncpy Flow Variant: 67 Data flow: data passed in a struct from one function to another i...

CWE: 124 Buffer Underwrite BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sink: ncpy BadSink : Copy string to data using strncpy Flow Variant: 18 Control flow: goto statements

CWE: 124 Buffer Underwrite BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sink: memcpy BadSink : Copy string to data using memcpy Flow Variant: 13 Control flow: if(GLOBAL_CONST_FIVE==5) and if(GLOBAL_CONST_FIVE!=5)

CWE: 124 Buffer Underwrite BadSource: Set data pointer to before the allocated memory buffer GoodSource: Set data pointer to the allocated memory buffer Sinks: loop BadSink : Copy string to data using a loop Flow Variant: 74 Data flow: data passed in a map from one function to another in di...

CWE: 122 Heap Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: cpy BadSink : Copy data to string using strcpy Flow Variant: 04 Control flow: if(STATIC_CONST_TRUE) and if(STATIC_CONST_FALSE)

CWE: 122 Heap Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sinks: ncpy BadSink : Copy data to string using wcsncpy Flow Variant: 74 Data flow: data passed in a map from one function to another in different source files

CWE: 122 Heap Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: loop BadSink : Copy data to string using a loop Flow Variant: 06 Control flow: if(STATIC_CONST_FIVE==5) and if(STATIC_CONST_FIVE!=5)

CWE: 122 Heap Based Buffer Overflow BadSource: Allocate using new[] and set data pointer to a small buffer GoodSource: Allocate using new[] and set data pointer to a large buffer Sinks: memmove BadSink : Copy string to data using memmove Flow Variant: 43 Data flow: data flows using a C++ re...

CWE: 122 Heap Based Buffer Overflow BadSource: Allocate using new[] and set data pointer to a small buffer GoodSource: Allocate using new[] and set data pointer to a large buffer Sink: memcpy BadSink : Copy int64_t array to data using memcpy Flow Variant: 16 Control flow: while(1)

CWE: 122 Heap Based Buffer Overflow BadSource: Allocate memory for a string, but do not allocate space for NULL terminator GoodSource: Allocate enough memory for a string and the NULL terminator Sink: ncpy BadSink : Copy string to data using wcsncpy() Flow Variant: 10 Control flow: if(globa...

CWE: 122 Heap Based Buffer Overflow BadSource: Allocate memory for a string, but do not allocate space for NULL terminator GoodSource: Allocate enough memory for a string and the NULL terminator Sink: memmove BadSink : Copy string to data using memmove() Flow Variant: 15 Control flow: switc...

CWE: 122 Heap Based Buffer Overflow BadSource: rand Set data to result of rand(), which may be zero GoodSource: Larger than zero but less than 10 Sinks: GoodSink: Ensure the array index is valid BadSink : Improperly check the array index by not checking the upper bound Flow Variant: 42 Data...

CWE: 122 Heap Based Buffer Overflow BadSource: listen_socket Read data using a listen socket (server side) GoodSource: Larger than zero but less than 10 Sinks: GoodSink: Ensure the array index is valid BadSink : Improperly check the array index by not checking the upper bound Flow Variant: ...

CWE: 122 Heap Based Buffer Overflow BadSource: fgets Read data from the console using fgets() GoodSource: Larger than zero but less than 10 Sinks: GoodSink: Ensure the array index is valid BadSink : Improperly check the array index by not checking the upper bound Flow Variant: 66 Data flow:...

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sinks: cpy BadSink : Copy data to string using strcpy Flow Variant: 83 Data flow: data passed to class constructor and destructor by declaring the class object on ...

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sinks: cat BadSink : Copy string to data using strcat Flow Variant: 73 Data flow: data passed in a list from one function to another in different source files

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sinks: ncat BadSink : Copy data to string using strncat Flow Variant: 33 Data flow: use of a C++ reference to data within the same function

CWE: 114 Process Control BadSource: environment Read input from an environment variable GoodSource: Hard code the full pathname to the library Sinks: BadSink : Load a dynamic link library Flow Variant: 83 Data flow: data passed to class constructor and destructor by declaring the class objec...

The test cases shows passwords are stored in a vector and not hard-coded.

The test cases shows hard-coded passwords is used in a container.

Null Dereference in a Index Alias complexity

creates a short that it does not delete