CWE: 789 Uncontrolled Memory Allocation BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded non-zero, non-min, non-max, even number BadSink: HashMap Create a HashMap using data as the initial size Flow Variant: 04 Control flow: if(PRIVATE_STATIC_FIN...

CWE: 789 Uncontrolled Memory Allocation BadSource: database Read data from a database GoodSource: A hardcoded non-zero, non-min, non-max, even number BadSink: HashSet Create a HashSet using data as the initial size Flow Variant: 06 Control flow: if(PRIVATE_STATIC_FINAL_FIVE==5) and if(PRIVATE...

CWE: 789 Uncontrolled Memory Allocation BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: HashMap BadSink : Create a HashMap using data as the initial size Flow Variant: 52 Data flow: data passed as an argument from...

CWE: 643 Xpath Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: GoodSink: validate input through StringEscapeUtils BadSink : user input is used without validate Flow Variant: 05 Control flow: if(privateTrue)...

CWE: 601 Open Redirect BadSource: getCookies_Servlet Read data from the first cookie using getCookies() GoodSource: A hardcoded string BadSink: place redirect string directly into redirect api call Flow Variant: 17 Control flow: for loops

CWE: 535 Information Exposure through Shell Error Sinks: GoodSink: write non-sensitive information to System.err BadSink : Expose the session ID to System.err Flow Variant: 09 Control flow: if(IO.STATIC_FINAL_TRUE) and if(IO.STATIC_FINAL_FALSE)

CWE: 459 Incomplete Cleanup Sinks: Servlet_temp_file GoodSink: Delete the temporary file manually BadSink : Use .deleteOnExit() to delete the temp file, potentially leaving the file in existence for a long time Flow Variant: 16 Control flow: while(true)

CWE: 400 Resource Exhaustion BadSource: max_value Set count to a hardcoded value of Integer.MAX_VALUE GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: for_loop GoodSink: Validate count before using it as the loop variant in a for loop BadSink : Use count as the loop var...

CWE: 400 Resource Exhaustion BadSource: listen_tcp Read count using a listening tcp connection GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: write GoodSink: Write to a file count number of times, but first validate count BadSink : Write to a file count number of time...

CWE: 400 Resource Exhaustion BadSource: Property Read count from a system property GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: for_loop GoodSink: Validate count before using it as the loop variant in a for loop BadSink : Use count as the loop variant in a for loop ...

CWE: 400 Resource Exhaustion BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: for_loop GoodSink: Validate count before using it as the loop variant in a for loop ...

CWE: 400 Resource Exhaustion BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: for_loop GoodSink: Validate count before using it as the loop variant in a for loop ...

CWE: 400 Resource Exhaustion BadSource: getParameter_Servlet Read count from a querystring using getParameter() GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: for_loop GoodSink: Validate count before using it as the loop variant in a for loop BadSink : Use count as th...

CWE: 369 Divide by zero BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: divide GoodSink: Check for zero before dividing BadSink : Dividing by a value that may be zero Flow Variant: 08 Co...

CWE: 369 Divide by zero BadSource: Environment Read data from an environment variable GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: divide GoodSink: Check for zero before dividing BadSink : Dividing by a value that may be zero Flow Variant: 42 Data flow: data return...

CWE: 369 Divide by zero BadSource: random Set data to a random value between 0.0f (inclusive) and 1.0f (exclusive) GoodSource: A hardcoded non-zero number (two) Sinks: modulo GoodSink: Check for zero before modulo BadSink : Modulo by a value that may be zero Flow Variant: 17 Control flow: f...

CWE: 369 Divide by zero BadSource: random Set data to a random value between 0.0f (inclusive) and 1.0f (exclusive) GoodSource: A hardcoded non-zero number (two) Sinks: divide GoodSink: Check for zero before dividing BadSink : Dividing by a value that may be zero Flow Variant: 66 Data flow: ...

CWE: 338 Use of Cryptographically Weak PRNG Sinks: math GoodSink: stronger PRNG BadSink : weak PRNG Flow Variant: 09 Control flow: if(IO.STATIC_FINAL_TRUE) and if(IO.STATIC_FINAL_FALSE)

CWE: 197 Numeric Truncation Error BadSource: random Set data to a random value GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: to_byte BadSink : Convert data to a byte Flow Variant: 74 Data flow: data passed in a HashMap from one method to another in different source f...

CWE: 191 Integer Underflow BadSource: min Set data to the max value for long GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data, which can cause an Underflow ...

CWE: 191 Integer Underflow BadSource: Property Read data from a system property GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data, which can cause an Underfl...

CWE: 191 Integer Underflow BadSource: Property Read data from a system property GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: multiply GoodSink: Ensure there will not be an underflow before multiplying data by 2 BadSink : If data is negative, multiply by 2, which can...

CWE: 190 Integer Overflow BadSource: console_readLine Read data from the console using readLine GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: multiply GoodSink: Ensure there will not be an overflow before multiplying data by 2 BadSink : If data is positive, multiply ...

CWE: 190 Integer Overflow BadSource: console_readLine Read data from the console using readLine GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: square GoodSink: Ensure there will not be an overflow before squaring data BadSink : Square data, which can lead to overflow ...

CWE: 190 Integer Overflow BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: add GoodSink: Ensure there will not be an overflow before adding 1 to data BadSink : Add 1 to data, which can cause an over...