The code, with a inter procedural scope complexity, tries to execute a system command, read from the input buffer. Validation is done by ProcessBuilder before execution.

The code tries to execute a system command, read from the input buffer. Validation is done by ProcessBuilder before execution.

Proper bounds checking for strcat()[br][br]Still theoretically vulnerable to integer overflow.[br][br]This replaces cases 1322 and 1323. This is the fixed version of cases 2081 and 2082.

Integer pointer is assigned a value within current buffer.

Fixed strcpy to prevent stack overflow.

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics: write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = function re...

Since the argument (the file name) is not validated, one can open every file and print it.

The test cases shows hard-coded password is not used.

The test cases shows hard-coded password is not used.

The test case shows a Heap Overflow will not occur when assigning a character \'a\' to a heap buffer. The code has array address complexity.

The test case shows a Heap Overflow will not occur when assigning a character \'a\' to a heap buffer. The code has scope complexity.

The test case shows a Heap Overflow will not occur when assigning a character \'a\' to a heap buffer.

Pointer is initialized before use.

Allocated memory is deleted after use.

Allocated memory is deleted after use. There will be no memory leak.

Allocated memory is deleted after use.

Allocated memory is deleted after use. There will be no memory leak.

The test cases shows passwords are stored in the system and not hard coded.

The test cases shows passwords are stored in the system and not hard coded.

The test cases shows passwords are stored in the system and not hard-coded.

The test cases shows passwords are stored in a vector and not hard-coded.

The test cases shows hard-coded passwords is not used.

Assume all input is malicious. Use an appropriate combination of black lists and white lists to ensure only valid and expected input is processed by the system.

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack. In the case of C++, misusing container vector could also cause stack overflow.

A software system that accepts and executes input in the form of operating system commands (e.g. system(), exec(), open()) should examine the input before its use.