Displaying test cases 425351 - 425375 of 426654 in total
-
Null-termination defect. There is no place allocated for the null terminating character. Thereby, the strcpy() writes beyond the character array. From "Secure Coding in C and C++" by Robert C. Seacord. Page 31, Figure 2-7
-
Common off-by-one defect. The strcpy() copies 11 characters in the source buffer including the terminating null character. Due to the index value, the assignment on line 31 cause an out-of-bound. From "Secure Coding in C and C++" by Robert C. Seacord. Page 30, Figure 2-6
-
Extracting characters using the field width member. Ensure that the operator>> will not extract more thant 12 characters. From "Secure Coding in C and C++" by Robert C. Seacord. Page 29, Figure 2-5
-
Extracting characters from cin into character array. The operator>> will copy outside the bound of the statically allocated array if the length of the input is more than 11 characters. From "Secure Coding in C and C++" by Robert C. Seacord. Page 29, Figure 2-4
-
Dynamic allocation of the character array ensure that sufficient space is allocated to copy the input and the null character. From "Secure Coding in C and C++" by Robert C. Seacord. Page 28, Figure 2-3
-
Buffer overflow if the input is not validated. Every operation may write outside the bound of the statically allocated character array. From "Secure Coding in C and C++" by Robert C. Seacord. Page 28, Figure 2-2
-
Buffer overflow by gets() if input is more than 80 characters. From "Secure Coding in C and C++" by Robert C. Seacord. Page 27, Figure 2-1
-
The order of evaluation is unspecified in C for the
-
Memory for a Struct object is freed and not referenced further.
-
Return of an uninitialized pointer from a function.
-
Attempt to assign a pointer address without allocating memory.
-
Attempted double free with primary control flow influencing whether the second free takes place.
-
Attempt to pass a pointer to freed memory to function.
-
Attempt to assign memory content that has already been freed.
-
Attempt to return a pointer to memory that has been freed.
-
Attempt to double free memory.
-
Pointer reference to freed memory is returned in function.
-
Memory is freed, then the pointer variable (not the memory location) is assigned a value.
-
Variable used as index of array is correctly initialized before use.
-
Variable used in boolean expression is correctly initialized before use.
-
Integer is not initialized prior to being used as an array index.
-
Pointer is not initialized prior to being used to assign a value to an array element
-
Integer is not initialized prior to being incremented in an expression.
-
Integer is not assigned a value prior to use in a boolean expression.
-
Integer is not initialized prior to being used in boolean expression.