Displaying test cases 426626 - 426650 of 426654 in total
-
snprintf is used repeatedly while keeping track of the residual buffer length, however an accounting error allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC
-
snprintf with incorrect bounds allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC
-
snprintf with incorrect bounds allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC
-
snprintf with incorrect bounds allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC
-
An strcpy overflows a stack buffer. A check was made to avoid an overflow condition but the check is off by one. PLOVER: BUFF.OVER
-
An strcpy overflows a stack buffer. PLOVER: BUFF.OVER
-
A strcpy of a buffer with a missing NUL character causes a stack buffer to overflow. PLOVER: BUFF.OVER, BUFF.FORMAT
-
A strcpy of a buffer with a missing NUL character causes a stack buffer to overflow. PLOVER: BUFF.OVER, BUFF.FORMAT
-
malloc"d data is never freed and all pointers to the data are lost. PLOVER: RES.MEMLEAK
-
integer overflow results in a short malloc and an overflow. PLOVER: NUM.OVERFLOW, BUFF.OVER
-
fgets is called with an incorrect bounds allow a stack buffer to be overrun. PLOVER: BUFF.OVER
-
gets used on user input. PLOVER: BUFF.OVER
-
A chroot() is performed without a chdir(). PLOVER:CP.UPATH.ELEMENT
-
An ad-hoc string copy without bounds check overflows a stack buffer. PLOVER: BUFF.OVER
-
When an exception is thrown and not caught, the process has given up an opportunity to decide if a given failure or event is worth a change in execution. (from TCCLASP-5_6_18_10)
-
Omitting a break statement so that one may fall through is often indistinguishable from an error, and therefore should not be used. (from TCCLASP-5_6_15_10)
-
Not using a a random initialization vector with Cipher Block Chaining (CBC) Mode causes algorithms to be susceptible to dictionary attacks. (from TCCLASP-5_5_22_10-J)
-
Race conditions occur frequently in signal handlers, since they are asynchronous actions. These race conditions may have any number of root-causes and symptoms. (from TCCLASP-5_4_7_10)
-
If the variable which is switched on is changed while the switch statement is still in progress undefined activity may occur. (from TCCLASP-5_4_6_10)
-
Truncation errors occur when a primitive is cast to a primitive of a smaller size and data is lost in the conversion. (from TCCLASP-5_2_9_10)
-
Integer coercion refers to a set of flaws pertaining to the type casting, extension,or truncation of primitive data types. (from TCCLASP-5_2_8_10)[br][br]Duplicate code of Test Case 3
-
A buffer underwrite condition occurs when a buffer is indexed with a negative number, or pointer arithmetic with a negative value results in a position before the beginning of the valid memory location. (from TCCLASP-5_2_5_9)
-
A stack overflow condition is a buffer overflow condition, where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). (from TCCLASP-5_2_3_10)
-
Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow. (from TCCLASP-5_2_2_10)
-
Freeing or deleting the same memory chunk twice may - when combined with other flaws - result in a write-what-where condition. (from TCCLASP-5_2_20_10)