Simple test of tool ability to identify a double free weakness.

Test of tool ability to identify a memory leak.

Test of tool ability to identify a potentil write-what-where weakness in code.

Test of tool\'s ability to identify an assignment of public data to to a private array field.

Private Array-Typed field returned from a public method.

Test of tool ability to identify improper pointer subtraction.

write-what-where error

type errors

integer underflow error (wrap or wraparound)

integer overflow error(wrap or wraparound)

signed-to-unsigned error

Infinite loop

Test of tool recognition of pointer scaling weakness.

Test of tool ability to identify an unchecked (unhandled) exception in Java.

Test of tool ability to identify an unchecked error condition.

Test determines if a tool can identify a hardcoded password weakness in code.

Test if a tool can detect a heap inspection weakness.

This sample contains the format string vulnerability CVE-2000-0867 from sysklogd 1.3.30. The flaw is found when the LogLine() function of klogd.c calls the Syslog() function in the same file.

Test of tool to identify potential resource injection weakness in source code.

Test of tool\'s ability to identify potential resource injection in code.

Test to verify that a tool identifies a potential path manipulation code weakness.

Tainted output allows cross-site scripting attack. (fixed version 2)

Tainted output allows cross-site scripting attack.

Tainted output allows cross-site scripting attack.

An unsafe function is used causing the entire container to exit.