Apache POI 3.9 Test suite #15
DownloadDescription
the Java API for Microsoft Documents.
This product contains or makes use of Intelligence Advanced Research Projects Activity (IARPA) data from the STONESOUP program. Any product, report, publication, presentation, or other document including or referencing the IARPA data herein should include this statement. All documents related to the STONESOUP program can be found at the documents page.NIST assumes no responsibility whatsoever for its use by other parties, and makes no guaranties, expressed or implied, about its quality, reliability, or any other characteristic.
Documentation
Displaying test cases 151 - 175 of 479 in total
-
This test takes an integer and filename as input (int filename), and checks that the file exists, and is in the current directory. However there is a time of check,time of use vulnerability after the file is checked but before it is opened allowing the file to be deleted before opening causing a ...
-
This test takes a string. It locks a lock upon encountering the first '1' in the string, then unlocks the lock each time it subsequently encounters an '1'. If there are three or more '1' characters in the string, this will cause multiple unlocks and an exception. Metadata - Base program: Apache ...
-
This test takes a string. It locks a lock upon encountering the first '1' in the string, then unlocks the lock each time it subsequently encounters an '1'. If there are three or more '1' characters in the string, this will cause multiple unlocks and an exception. Metadata - Base program: Apache ...
-
This test takes an integer and filename as input (int filename), and checks that the file exists, and is in the current directory. However there is a time of check,time of use vulnerability after the file is checked but before it is opened allowing the file to be deleted before opening causing a ...
-
This weakness takes in an integer and string "int string" where the integer is the size of the array to sort for timing and the string contains the value that is acted upon by the treads, stored in a global static variable. A divide by zero error occurs when the string starts with 'A' and the arr...
-
Algorithmic variant: basic Root cause: none This test takes a string. If the first letter is a lower case letter, the main thread will get a lock guarding an integer, and count the number of lower-case letters into that integer. A second thread will get a lock guarding a second integer, and will...
-
This weakness takes in an integer and string "int string" where the integer is the size of the array to sort for timing and the string contains the value that is acted upon by the treads, passed as a global static class. A divide by zero error occurs when the string starts with 'A' and the array ...
-
This test takes a string. It locks a lock upon encountering the first '1' in the string, then locks the lock each time it subsequently encouters another '1'. If there are three or more '1' characters in the string, this will cause multiple locks and an unexpected state (DOS). Metadata - Base pro...
-
Algorithmic variant: basic Root cause: none This test takes a string. It separates the string into a number to use for an array size to sort and a second string to share between threads. It then creates two threads and runs them both. The first thread calculates an increment amount that is used ...
-
This test takes an integer followed by a filename as input (int filename), and checks that the file exists, is in the current directory, and is not a symbolic link. However the weakness takes some time before opening the file allowing a time of check, time of use vulnerability. This vulnerability...
-
This test takes in a value from a taint source, which is then used to allocate an array. This value is positive when stored in a byte, but if the value is between 128 and 255, becomes negative if stored in a byte. When this negative value is stored in a larger container (an int) it becomes a ...
-
This test takes in a value from a taint source, which is then used to allocate an array. This value is positive when stored in a byte, but if the value is between 128 and 255, becomes negative if stored in a byte. When this negative value is stored in a larger container (an int) it becomes a ...
-
This test takes in a value from a taint source, and creates a string array based on the value. Math is performed on the value such that, if the value is greater than 500, the resultant value 'wraps around', and becomes negative. This results in an exception being thrown, due to the invalid a...
-
This test takes in a value from a taint source, and creates a string array based on the value. Math is performed on the value such that, if the value is 32749 or greater, the resultant value underflows and becomes positive. This results in an infinite loop. Metadata - Base program: Apache PO...
-
This test takes in a value passed as an argument This value is originally signed, but is converted to unsigned when stored in a char. This value is then used to index an allocated array with a signed value. Metadata - Base program: Apache POI - Source Taint: FILE_CONTENTS - Data Type: SIMPL...
-
This test takes in a value passed in as an argument and uses it to compute a divisor which is later used in a modulus operation. Metadata - Base program: Apache POI - Source Taint: ENVIRONMENT_VARIABLE - Data Type: ARRAY - Data Flow: VAR_ARG_LIST - Control Flow: INTERUPT_CONTINUE
-
This test takes in a value from an argument and uses it as a array accessor resulting in an ArrayIndexOutOfBounds exception. Metadata -Base program: Apache POI - Source Taint: ENVIRONMENT_VARIABLE - Data Type: array - Data Flow: java_generics - Control Flow: indirectly_recursive
-
This test takes in a value from an argument and uses it as a array accessor resulting in an ArrayIndexOutOfBounds exception. Metadata -Base program: Apache POI - Source Taint: ENVIRONMENT_VARIABLE - Data Type: void_pointer - Data Flow: var_arg_list - Control Flow: callback
-
This test takes in a value from a taint source, which is then used to allocate an array. This value is positive when stored in a byte, but if the value is between 128 and 255, becomes negative if stored in a byte. When this negative value is stored in a larger container (an int) it becomes a ...
-
This test takes in a value from a taint source, and creates a string array based on the value. Math is performed on the value such that, if the value is 32749 or greater, the resultant value underflows and becomes positive. This results in an infinite loop. Metadata - Base program: Apache PO...
-
This test takes in a value from a taint source, and creates a string array based on the value. Math is performed on the value such that, if the value is 32749 or greater, the resultant value underflows and becomes positive. This results in an infinite loop. Metadata - Base program: Apache PO...
-
This test takes in a char value from a taint source. The value is cast to a byte causing an unsigned to signed conversion. This value is then used to allocate an array. If the original char is >127 this will lead to a negative index for the array causing a NegativeArraySizeException. Metadata - ...
-
This test takes in a value from a taint source, and creates a string array based on the value. Math is performed on the value such that, if the value is 32749 or greater, the resultant value underflows and becomes positive. This results in an infinite loop. Metadata - Base program: Apache PO...
-
This test takes in a value passed as an argument This value is originally signed, but is converted to unsigned when stored in a char. This value is then used to index an allocated array with a signed value. Metadata - Base program: Apache POI - Source Taint: FILE_CONTENTS - Data Type: ARRAY...
-
This test takes in a value passed in as an argument and uses it to compute a divisor which is later used in a modulus operation. Metadata - Base program: Apache POI - Source Taint: SOCKET - Data Type: SIMPLE - Data Flow: INDEX_ALIAS_1 - Control Flow: INTERPROCEDURAL_1