Displaying test cases 29576 - 29600 of 32356 in total
-
CWE: 190 Integer Overflow BadSource: listen_tcp Read data using a listening tcp connection GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: add GoodSink: Ensure there will not be an overflow before adding 1 to data BadSink : Add 1 to data, which can cause an overflow F...
-
Test will take in a value that is a path to a file under the working directory that will then be displayed. The path isn't checked for ../ characters and as a result will display files outside of the current working directory. Metadata - Base program: Apache Lucene - Source Taint: SOCKET - ...
-
Test will take in a value that is a path to a file under the working directory that will then be displayed. The path isn't checked for ../ characters and as a result will display files outside of the current working directory. Metadata - Base program: Apache POI - Source Taint: SOCKET - Dat...
-
This test takes in data from an argument that is intended to contain parameters for a 'find' command. The test does not perform checks on the parameters, however, and it is possible to include other, unexpected commands as part of the find parameter set. Metadata - Base program: Apache Leny...
-
This test takes in a value passed as an argument. This value is originally signed, but is converted to unsigned when stored in a char. This value is then used to index an allocated array with a signed value. Metadata - Base program: Apache Jena - Source Taint: FILE_CONTENTS - Data Type: VOID...
-
This weakness takes an integer, two file names, and an integer "int file1 file2 int" as an input. The first integer is the size of the array to sort for timing in benign cases without FIFO files as inputs. The two files are used for thread "scheduling", if they are FIFO files in the order "fifo1 ...
-
CVE-2009-0497
-
CVE-2011-0013
-
CWE: 89 SQL Injection BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() cal...
-
CWE: 89 SQL Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: executeQuery GoodSink: Use prepared statement and executeQuery (properly) BadSink : data concatenated into SQL statement used in executeQuery(), which could result in SQL Injection Flow...
-
CWE: 81 Cross Site Scripting (XSS) in Error Message BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: sendErrorServlet XSS in sendError Flow Variant: 13 Control flow: if(IO.STATIC_FINAL_FIVE==5) and if(IO.STATIC_FINAL_FIVE...
-
CWE: 476 Null Pointer Dereference BadSource: Set data to null GoodSource: Set data to a non-null value Sinks: GoodSink: add check to prevent possibility of null dereference BadSink : possibility of null dereference Flow Variant: 09 Control flow: if(IO.STATIC_FINAL_TRUE) and if(IO.STATIC_FI...
-
CWE: 400 Resource Exhaustion BadSource: connect_tcp Read count using an outbound tcp connection GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: GoodSink: Validate count before using it as a parameter in sleep function BadSink : Use count as the parameter for sleep with...
-
CWE: 400 Resource Exhaustion BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: write GoodSink: Write to a file count number of times, but first validate count BadS...
-
CWE: 400 Resource Exhaustion BadSource: console_readLine Read count from the console using readLine GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: write GoodSink: Write to a file count number of times, but first validate count BadSink : Write to a file count number of...
-
CWE: 398 Indicator of Poor Code Quality Sinks: empty_for GoodSink: For statement contains code BadSink : An empty for statement has no effect Flow Variant: 07 Control flow: if(privateFive==5) and if(privateFive!=5)
-
CWE: 369 Divide by zero BadSource: database Read data from a database GoodSource: A hardcoded non-zero number (two) Sinks: divide GoodSink: Check for zero before dividing BadSink : Dividing by a value that may be zero Flow Variant: 09 Control flow: if(IO.STATIC_FINAL_TRUE) and if(IO.STATIC_...
-
CWE: 259 Hard Coded Password BadSource: hardcodedPassword Set data to a hardcoded string GoodSource: Read data from the console using readLine() BadSink: kerberosKey data used as password in KerberosKey() Flow Variant: 08 Control flow: if(privateReturnsTrue()) and if(privateReturnsFalse())
-
CWE: 23 Relative Path Traversal BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string Sinks: readFile BadSink : no validation Flow Variant: 61 Data flow: data returned from one method to another in different...
-
CWE: 23 Relative Path Traversal BadSource: database Read data from a database GoodSource: A hardcoded string BadSink: readFile no validation Flow Variant: 06 Control flow: if(PRIVATE_STATIC_FINAL_FIVE==5) and if(PRIVATE_STATIC_FINAL_FIVE!=5)
-
CWE: 197 Numeric Truncation Error BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded non-zero, non-min, non-max, even number BadSink: to_byte Convert data to a byte Flow Variant: 05 Control flow: if(privateTrue) and if(privateFalse)
-
CWE: 191 Integer Underflow BadSource: console_readLine Read data from the console using readLine GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: multiply GoodSink: Ensure there will not be an underflow before multiplying data by 2 BadSink : If data is negative, multipl...
-
CWE: 191 Integer Underflow BadSource: rand Set data to result of rand() GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data, which can cause an Underflow Flow...
-
CWE: 191 Integer Underflow BadSource: Environment Read data from an environment variable GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data, which can cause a...
-
CWE: 190 Integer Overflow BadSource: random Set data to a random value GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: square GoodSink: Ensure there will not be an overflow before squaring data BadSink : Square data, which can lead to overflow Flow Variant: 72 Data fl...