Displaying test cases 8501 - 8525 of 32356 in total
-
CWE: 191 Integer Underflow BadSource: rand Set data to result of rand() GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data, which can cause an Underflow Flow...
-
CWE: 191 Integer Underflow BadSource: console_readLine Read data from the console using readLine GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data, which can...
-
CWE: 190 Integer Overflow BadSource: File Read data from file (named c:\data.txt) GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: add GoodSink: Ensure there will not be an overflow before adding 1 to data BadSink : Add 1 to data, which can cause an overflow Flow Varia...
-
CWE: 190 Integer Overflow BadSource: console_readLine Read data from the console using readLine GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: add GoodSink: Ensure there will not be an overflow before adding 1 to data BadSink : Add 1 to data, which can cause an overfl...
-
The product does not properly check inputs that are used for loop conditions when creating a random file name. If the target size of filename is too large for the filesystem, an IOException is raised and kills the current thread. Metadata - Base program: Elastic Search - Source Taint: ENVIRO...
-
This test creates a connection to the PGSQL database, and creates a query string based on data in an environment variable. This data is not checked for special elements, however, and it is possible to construct a query string that performs unexpected data retrievals or modifications. Metadata...
-
This test takes in integer n. The program attempts to open n files. If n is large enough, the number of file handles will be exhausted; these file handles are never closed and are stored in a global ArrayList, causing the entire program to fail to open any files from that point on. Metadata - Base...
-
This test reads data from a sensitive file without checking the return value, then repeats the operation on a non-sensitive file and prints the second file. Technical Impact is information leakage. Metadata - Base program: Apache POI - Source Taint: FILE_CONTENTS - Data Type: VOID_PO...
-
CWE: 90 LDAP Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string BadSink: data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 17 Control flow: for loops
-
CWE: 89 SQL Injection BadSource: getParameter_Servlet Read data from a querystring using getParameter() GoodSource: A hardcoded string Sinks: prepareStatement GoodSink: Use prepared statement and execute (properly) BadSink : data concatenated into SQL statement used in prepareStatement() cal...
-
CWE: 89 SQL Injection BadSource: PropertiesFile Read data from a .properties file (in property named data) GoodSource: A hardcoded string Sinks: executeUpdate GoodSink: Use prepared statement and executeUpdate (properly) BadSink : data concatenated into SQL statement used in executeUpdate(),...
-
CWE: 78 OS Command Injection BadSource: database Read data from a database GoodSource: A hardcoded string Sinks: exec BadSink : dynamic command execution with Runtime.getRuntime().exec() Flow Variant: 31 Data flow: make a copy of data within the same method
-
CWE: 78 OS Command Injection BadSource: URLConnection Read data from a web server with URLConnection GoodSource: A hardcoded string Sinks: exec BadSink : dynamic command execution with Runtime.getRuntime().exec() Flow Variant: 81 Data flow: data passed in a parameter to an abstract method
-
CWE: 789 Uncontrolled Memory Allocation BadSource: database Read data from a database GoodSource: A hardcoded non-zero, non-min, non-max, even number BadSink: HashSet Create a HashSet using data as the initial size Flow Variant: 08 Control flow: if(privateReturnsTrue()) and if(privateReturnsF...
-
CWE: 789 Uncontrolled Memory Allocation BadSource: Environment Read data from an environment variable GoodSource: A hardcoded non-zero, non-min, non-max, even number BadSink: HashSet Create a HashSet using data as the initial size Flow Variant: 11 Control flow: if(IO.staticReturnsTrue()) and ...
-
CWE: 601 Open Redirect BadSource: getQueryString_Servlet Parse id param out of the URL query string (without using getParameter()) GoodSource: A hardcoded string BadSink: place redirect string directly into redirect api call Flow Variant: 42 Data flow: data returned from one method to anothe...
-
CWE: 506 Embedded Malicious Code Sinks: base64_encoded_payload GoodSink: Use a plaintext command BadSink : Use a base64 encoded payload in an attempt to hide the command Flow Variant: 02 Control flow: if(true) and if(false)
-
CWE: 400 Resource Exhaustion BadSource: Environment Read count from an environment variable GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: GoodSink: Validate count before using it as a parameter in sleep function BadSink : Use count as the parameter for sleep without...
-
CWE: 400 Resource Exhaustion BadSource: random Set count to a random value GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: for_loop GoodSink: Validate count before using it as the loop variant in a for loop BadSink : Use count as the loop variant in a for loop Flow Va...
-
CWE: 319 Cleartext Transmission of Sensitive Information BadSource: listen_tcp Read password using a listening tcp connection GoodSource: Set password to a hardcoded value (one that was not sent over the network) Sinks: passwordAuth GoodSink: Decrypt password before using in PasswordAuthentic...
-
CWE: 197 Numeric Truncation Error BadSource: database Read data from a database GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: to_byte BadSink : Convert data to a byte Flow Variant: 75 Data flow: data passed in a serialized object from one method to another in differe...
-
CWE: 191 Integer Underflow BadSource: min Set data to the max value for short GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: multiply GoodSink: Ensure there will not be an underflow before multiplying data by 2 BadSink : If data is negative, multiply by 2, which can c...
-
CWE: 191 Integer Underflow BadSource: connect_tcp Read data using an outbound tcp connection GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: sub GoodSink: Ensure there will not be an underflow before subtracting 1 from data BadSink : Subtract 1 from data, which can cau...
-
CWE: 190 Integer Overflow BadSource: console_readLine Read data from the console using readLine GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: add GoodSink: Ensure there will not be an overflow before adding 1 to data BadSink : Add 1 to data, which can cause an overfl...
-
CWE: 190 Integer Overflow BadSource: random Set data to a random value GoodSource: A hardcoded non-zero, non-min, non-max, even number Sinks: add GoodSink: Ensure there will not be an overflow before adding 1 to data BadSink : Add 1 to data, which can cause an overflow Flow Variant: 01 Base...