ITC-Benchmarks
DownloadDescription
Toyota InfoTechnology Center (ITC), U.S.A.static analysis benchmarks for undefined behavior andconcurrency weaknesses. 100 test cases in C and C++containing a total of 685 pairs of intended weaknesses.Each pair has a version with a weakness and a fixed version.The test cases are Copyright (c) 2012-2014 and distributedunder the "BSD License." See Shin''ichi Shiraishi, Veena Mohan,and Hemalatha Marimuthu, "Test Suites for Benchmarks ofStatic Analysis Tools," IEEE Int''l Symp. on Software ReliabilityEngineering (ISSRE ''15), DOI: 10.1109/ISSREW.2015.7392027,originally obtained from https://github.com/regehr/itc-benchmarks.
Please note that test cases contain coincidental weaknessesflagged by SAMATE team, each described accordingly and individually.
Also please note that the SAMATE team determined that in a few cases,the code that was marked as weakness originally was in fact correct code.We describe these cases accordingly and individually.
Displaying test cases 1 - 25 of 100 in total
-
Defect Type: Numerical defects Defect Sub-type: Bit shift bigger than integral type or negative Description: Defect Code to identify bit shift errors
-
Defect Type: Numerical defects Defect Sub-type: Bit shift bigger than integral type or negative Description: Defect Free Code to identify false positives in bit shift errors
-
Defect Type: Dynamic memory defects Defect Sub-type: Dynamic buffer overrun Created on: Sep 27, 2012 Author: caesaru01 The test case contains coincidental weaknesses along with intended ones as follows for file buffer_overrun_dynamic.c: * line(s): 145,151,153,173,434,511,513,550,558 CWE-476 * lin...
-
Defect Type: Dynamic memory defects Defect Sub-type: Dynamic buffer overrun Description: Defect Free Code to identify false positives in dynamic buffer overrun Created on: Sep 27, 2012 Author: caesaru01 The test case contains coincidental weaknesses along with intended ones as follows for file bu...
-
Defect Type: Dynamic memory defects Defect Sub-type: Dynamic buffer underrun Created on: Sep 27, 2012 Author: caesaru01 The test case contains coincidental weaknesses along with intended ones as follows for file buffer_underrun_dynamic.c: * line(s): 148,154,177,516,518,550,558,668,673,678 CWE-476...
-
Defect Type: Dynamic memory defects Defect Sub-type: Dynamic buffer underrun Description: Defect Free Code to identify false positives in buffer underrun in dynamic memory allocation Created on: Sep 27, 2012 Author: caesaru01 The test case contains coincidental weaknesses along with intended ones...
-
Defect Type: Pointer related defects Defect Sub-type: Comparison NULL with function pointer The test case contains coincidental weaknesses along with intended ones as follows for file cmp_funcadr.c: * line(s): 28,50 CWE-561
-
Defect Type: Pointer related defects Defect Sub-type: Comparison NULL with function pointer Description: Defect Free Code to identify false positives while comparison of NULL with function pointers The test case contains coincidental weaknesses along with intended ones as follows for file cmp_fun...
-
Defect Type: Inappropriate code Defect Sub-type: Contradict conditions The test case contains coincidental weaknesses along with intended ones as follows for file conflicting_cond.c: * line(s): 26,45,64,85,120,139,159,179 CWE-561
-
Defect Type: Inappropriate code Defect Sub-type: Contradict conditions Description: Defect Free Code to identify false positives occurring in contradicting conditions The test case contains coincidental weaknesses along with intended ones as follows for file conflicting_cond.c: * line(s): 104 CWE...
-
Defect Type: Numerical defects Defect Sub-type: Integer precision lost because of cast Description: Defect Code to identify defects in data lost at cast
-
Defect Type: Numerical defects Defect Sub-type: Integer precision lost because of cast Description: Defect Free Code to identify false positives in data lost at cast
-
Defect Type: Numerical defects Defect Sub-type: Data overflow Description: Defect Code to identify defects in data overflow in static declaration
-
Defect Type: Numerical defects Defect Sub-type: Data overflow Description: Defect Free Code to identify false positives in data overflow in static declaration
-
Defect Type: Numerical defects Defect Sub-type: Data underflow Description: Defect Code to identify defects in data underflow in static declaration
-
Defect Type: Numerical defects Defect Sub-type: Data underflow Description: Defect Free Code to identify false positives in data underflow in static declaration
-
Defect Type: Inappropriate code Defect Sub-type: Dead code Description: Defect Code to identify defects in dead code
-
Defect Type: Inappropriate code Defect Sub-type: Dead code Description: Defect Free Code to identify false positives in dead code
-
Defect Type: Concurrency defects Defect Sub-type: Dead lock
-
Defect Type: Concurrency defects Defect Sub-type: Dead lock Description: Defect Free Code to identify false positives in dead lock conditions
-
Defect Type: Dynamic memory defects Defect Sub-type: Deletion of data structure sentinel Description: Defect Code to identify defects while deletion of data structure sentinel The test case contains coincidental weaknesses along with intended ones as follows for file deletion_of_data_structure_se...
-
Defect Type: Dynamic memory defects Defect Sub-type: Deletion of data structure sentinel Description: Defect Free Code to identify false positives while deletion of data structure sentinel The test case contains coincidental weaknesses along with intended ones as follows for file deletion_of_data...
-
Defect Type: Resource management defects Defect Sub-type: Double free The test case contains coincidental weaknesses along with intended ones as follows for file double_free.c: * line(s): 37,78 CWE-476 * line(s): 88 CWE-401
-
Defect Type: Resource management defects Defect Sub-type: Double free Description: Defect Free Code to identify false positives in double free - resource management defects The test case contains coincidental weaknesses along with intended ones as follows for file double_free.c: * line(s): 36,55,...
-
Defect Type: Concurrency defects Defect Sub-type: Double lock