Displaying test cases 485826 - 485850 of 485862 in total
-
snprintf with incorrect bounds allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC
-
snprintf with incorrect bounds allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC
-
snprintf with incorrect bounds allows a stack buffer to be overrun. PLOVER: BUFF.OVER, BUFF.LENCALC
-
An strcpy overflows a stack buffer. A check was made to avoid an overflow condition but the check is off by one. PLOVER: BUFF.OVER
-
An strcpy overflows a stack buffer. PLOVER: BUFF.OVER
-
A strcpy of a buffer with a missing NUL character causes a stack buffer to overflow. PLOVER: BUFF.OVER, BUFF.FORMAT
-
A strcpy of a buffer with a missing NUL character causes a stack buffer to overflow. PLOVER: BUFF.OVER, BUFF.FORMAT
-
malloc'd data is never freed and all pointers to the data are lost. PLOVER: RES.MEMLEAK
-
integer overflow results in a short malloc and an overflow. PLOVER: NUM.OVERFLOW, BUFF.OVER
-
fgets is called with incorrect bounds, allowing a stack buffer to be overrun. PLOVER: BUFF.OVER
-
gets used on user input. PLOVER: BUFF.OVER
-
Syslog is called with a user supplied format string. An attempt was made to preformat the buffer but the vulnerability remains. PLOVER: BUFF.OVER, BUFF.FORMAT
-
A chroot() is performed without a chdir(). PLOVER: CP.UPATH.ELEMENT
-
An ad-hoc string copy without bounds check overflows a stack buffer. PLOVER: BUFF.OVER
-
An ad hoc gets without bounds checks allows a stack buffer to be overrun. PLOVER CLASS: BUFF.OVER
-
Running sizeof() on a malloced pointer type will always return the wordsize/8. (from TCCLASP-5_6_8_10)
-
Sometimes an error is detected, and bad or no action is taken. (from TCCLASP-5_6_19_10)
-
When an exception is thrown and not caught, the process has given up an opportunity to decide if a given failure or event is worth a change in execution. (from TCCLASP-5_6_18_10)
-
Omitting a break statement so that one may fall through is often indistinguishable from an error, and therefore should not be used. (from TCCLASP-5_6_15_10)
-
Not using a random initialization vector with Cipher Block Chaining (CBC) Mode causes algorithms to be susceptible to dictionary attacks. (from TCCLASP-5_5_22_10-J)
-
Nonces should be used for the present occasion and only once. (from TCCLASP-5_5_20_10-C)
-
The use of a hard-coded cryptographic key tremendously increases the possibility that encrypted data may be recovered. (from TCCLASP-5_5_10_10-C)
-
Race conditions occur frequently in signal handlers, since they are asynchronous actions. These race conditions may have any number of root-causes and symptoms. (from TCCLASP-5_4_7_10)
-
If the variable which is switched on is changed while the switch statement is still in progress, undefined activity may occur. (from TCCLASP-5_4_6_10)
-
Assumptions about protocol data or data stored in memory can be invalid, resulting in using data in ways that were unintended. (from TCCLASP-5_3_1_10)