The test cases implements CVE-2002-1869: [em]Don\'t check if you can write a log file allow attackers to avoid logging.[/em]

The test cases implements CVE-2002-1869: Don\'t check if you can write a log file allow attackers to avoid logging.

CWE: 122 Heap Based Buffer Overflow BadSource: Allocate using malloc() and set data pointer to a small buffer GoodSource: Allocate using malloc() and set data pointer to a large buffer Sink: memmove BadSink : Copy long long array to data using memmove Flow Variant: 14 Control flow: if(globa...

CWE: 122 Heap Based Buffer Overflow BadSource: Allocate using malloc() and set data pointer to a small buffer GoodSource: Allocate using malloc() and set data pointer to a large buffer Sink: memcpy BadSink : Copy string to data using memcpy Flow Variant: 13 Control flow: if(global_const_fiv...

CWE: 122 Heap Based Buffer Overflow BadSource: Allocate using malloc() and set data pointer to a small buffer GoodSource: Allocate using malloc() and set data pointer to a large buffer Sink: loop BadSink : Copy string to data using a loop Flow Variant: 14 Control flow: if(global_five==5) an...

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: ncat BadSink : Copy data to string using wcsncat Flow Variant: 51 Data flow: data passed as an argument from one function to another in different source files

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: loop BadSink : Copy data to string using a loop Flow Variant: 19 Control flow: Dead code after a return

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: ncpy BadSink : Copy data to string using wcsncpy Flow Variant: 18 Control flow: goto statements

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sinks: snprintf BadSink : Copy data to string using snprintf Flow Variant: 44 Data/control flow: data passed as an argument from one function to a function in the ...

CWE: 121 Stack Based Buffer Overflow BadSource: Initialize data as a large string GoodSource: Initialize data as a small string Sink: cat BadSink : Copy data to string using strcat Flow Variant: 54 Data flow: data passed as an argument from one function through three others to a fifth; all ...

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sinks: cpy BadSink : Copy string to data using wcscpy Flow Variant: 44 Data/control flow: data passed as an argument from one function to a function in the same...

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: cat BadSink : Copy string to data using wcscat Flow Variant: 41 Data flow: data passed as an argument from one function to another in the same source file

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: cat BadSink : Copy string to data using wcscat Flow Variant: 12 Control flow: if(global_returns_t_or_f())

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: loop BadSink : Copy twoints array to data using a loop Flow Variant: 13 Control flow: if(global_const_five==5) and if(global_const_five!=5)

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: memcpy BadSink : Copy twoints array to data using memcpy Flow Variant: 10 Control flow: if(global_t) and if(global_f)

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sinks: memcpy BadSink : Copy int array to data using memcpy Flow Variant: 67 Data flow: data passed in a struct from one function to another in different source...

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: cpy BadSink : Copy string to data using strcpy Flow Variant: 02 Control flow: if(1) and if(0)

CWE: 121 Stack Based Buffer Overflow BadSource: Set data pointer to the bad buffer GoodSource: Set data pointer to the good buffer Sink: memmove BadSink : Copy string to data using memmove Flow Variant: 16 Control flow: while(1) and while(0)

CWE: 114 Process Control BadSource: listen_socket Read data using a listen socket (server side) GoodSource: Hard code the full pathname to the library Sink: BadSink : Load a dynamic link library Flow Variant: 12 Control flow: if(global_returns_t_or_f())

CWE: 114 Process Control BadSource: fromConsole Read input from the console GoodSource: Hard code the full pathname to the library Sinks: BadSink : Load a dynamic link library Flow Variant: 65 Data/control flow: data passed as an argument from one function to a function in a different source...

CWE: 114 Process Control BadSource: fromConsole Read input from the console GoodSource: Hard code the full pathname to the library Sink: BadSink : Load a dynamic link library Flow Variant: 08 Control flow: if(static_returns_t()) and if(static_returns_f())

CWE: 114 Process Control BadSource: fromConsole Read input from the console GoodSource: Hard code the full pathname to the library Sink: BadSink : Load a dynamic link library Flow Variant: 06 Control flow: if(static_const_five==5) and if(static_const_five!=5)

CWE: 114 Process Control BadSource: fromConsole Read input from the console GoodSource: Hard code the full pathname to the library Sink: BadSink : Load a dynamic link library Flow Variant: 02 Control flow: if(1) and if(0)

CWE: 114 Process Control BadSource: Environment Read input from an environment variable GoodSource: Hard code the full pathname to the library Sink: BadSink : Load a dynamic link library Flow Variant: 41 Data flow: data passed as an argument from one function to another in the same source file

Uninitialized variable