Displaying test cases 248101 - 248125 of 248586 in total
-
The test case avoids a Time-of-Check-Time-of-Use (TOCTOU) race condition between checking access permissions and then opening and writing to the file.
-
The SQL Injection is not possible because the arguments are validated. The code complexity is in the call of another function to perform the MySQL query.
-
The SQL Injection is not possible because the arguments are validated.
-
The SQL Injection is not possible because the arguments are validated before the MySQL query.
-
The test case avoids Cross-Site Scripting in a CGI program in C that takes the arguments and prints them out.
-
Correctly refers to the expected memory address, accounting for the semantics of when math operations are implicitly scaled.
-
Test of tool ability to identify use of an uninitialized variable (fixed).
-
The test case avoids a Stack-based Buffer Overflow.
-
Test if tool can detect a heap inspection vulnerability (fixed).
-
A strcpy is used to copy a string into a heap buffer. The caller shortens the string to prevent a buffer overflow from occurring.
-
A strncpy safely copies a string into a heap buffer.
-
A length check is made before strcpy, avoiding heap buffer overflow.
-
A strcpy does not overflow a stack buffer because a check is made to avoid an overflow condition.
-
Malloc-ed data is freed only once.
-
Malloc-ed data is freed in the caller.
-
Malloc-ed data is freed.
-
Integer overflow results in a short malloc and an overflow. A guard is put in place to protect against the overflow.
-
An fgets is called with a correct bound.
-
An fgets is used in place of gets with a proper bounds check.
-
A printf is called with a static format string. This is not a defect.
-
A syslog is called with a static format string.
-
An ad hoc string copy with bounds check does not overflow a stack buffer.
-
An ad hoc gets with bounds check does not allow a stack buffer to be overrun.
-
A string decode function properly checks for termination and no buffer overflow occurs.
-
A system() is called with user-provided data but the data is strictly scrutinized first.