FFmpeg 1.2.2 Test suite #17
DownloadDescription
FFmpeg is the leading multimedia framework, able to decode, encode, transcode, mux, demux, stream, filter and play pretty much anything that humans and machines have created. It supports the most obscure ancient formats up to the cutting edge. No matter if they were designed by some standards committee, the community or a corporation. It is also highly portable: FFmpeg compiles, runs, and passes our testing infrastructure FATE across Linux, Mac OS X, Microsoft Windows, the BSDs, Solaris, etc. under a wide variety of build environments, machine architectures, and configurations.
This product contains or makes use of Intelligence Advanced Research Projects Activity (IARPA) data from the STONESOUP program. Any product, report, publication, presentation, or other document including or referencing the IARPA data herein should include this statement. All documents related to the STONESOUP program can be found at the documents page.NIST assumes no responsibility whatsoever for its use by other parties, and makes no guaranties, expressed or implied, about its quality, reliability, or any other characteristic.
Documentation
-
This test case reads the taint source. If it contains a non-alphanumeric value, the source taint buffer is set to NULL. Subsequently, strcpy is called with the source taint buffer as this source. This causes a null pointer dereference. Metadata - Base program: FFmpeg - Source Taint: SHARED_MEMO...
-
This test case reads the taint source. If the length of the taint source is 63 bytes or less, it allocates a buffer to copy the taint source into. It then copies the taint source into the buffer, regardless of whether it actually allocated any memory or not. If it did not allocate memory, the buf...
-
This test case reads the taint source, and converts it to an integer, then an unsigned int. It uses a wrapped malloc to allocate a buffer of the size specified by the taint source. If the size is greater than 512, the wrapped malloc returns NULL. The program attempts to use the buffer, and if the...
-
This test case reads the taint source. If the length of the taint source is 63 bytes or less, it allocates a buffer to copy the taint source into. It then copies the taint source into the buffer, regardless of whether it actually allocated any memory or not. If it did not allocate memory, the buf...
-
This test case reads a space-delimited string from the taint source. The first element in the string is the number of elements following it. The test cases reads in the following elements and outputs them. If there are fewer elements than expected, a segmentation fault occurs. Metadata - Base p...
-
This test case reads the taint source. If it contains a non-alphanumeric value, the source taint buffer is set to NULL. Subsequently, strcpy is called with the source taint buffer as this source. This causes a null pointer dereference. Metadata - Base program: FFmpeg - Source Taint: FILE_CONTEN...
-
This test case implements a single signal handler that is associated with two signals. The test case takes the names of two control files and an input string. The control files are used for timing within the test case to ensure that the test case follows an exploiting or benign execution path, an...
-
This test case implements a singleton struct without synchronization that can lead to two threads receiving separate instances of the singleton struct resulting in a deadlocked state. It takes a control integer, the names of two control files, and another integer as input. The control integer and...
-
This test case implements two threads that do not use synchronization while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to ensure tha...
-
This test case implements two threads that do not use synchronization while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to ensure tha...
-
This test case implements two threads that each use a separate mutex lock object while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to...
-
This test case implements a time of check time of use vulnerability that allows arbitrary link following. The test case takes in a control file and an input file. The input file is checked to see if it is in the current working directory and not a symbolic link. If both of these conditions are tr...
-
This test case implements two thread that both lock two shared mutex locks such that if the timing works out, they will cause each other to deadlock. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used ...
-
This test case implements two threads that lock a counting semaphore multiple times, causing a deadlock if the lock is locked more times that it is unlocked. The test case takes a string as input and if the input string contains spaces spawns two threads, the first of which locks a semaphore twic...
-
This test case implements a non-reentrant function that is called by a signal handler. The test case takes a control file and input string as input. The control file is used for timing and the input string is used as data for the test case to manipulate. The test case assigns a signal handler tha...
-
This test case takes the name of an externally accessible file as input, and treats the file as a global mutex lock. The test case will attempt to 'grab' the mutex lock by checking for the files existence, and creating it if it doesn't exist. The creation of the file is treated as grabbing the lo...
-
This test case uses a counting semaphore initialized to one count of a shared resource to implement multiple unlocks of a critical resource for certain input. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files ...
-
This test case takes the name of an externally accessible file as input, and treats the file as a global mutex lock. The test case will attempt to 'grab' the mutex lock by checking for the files existence, and creating it if it doesn't exist. The creation of the file is treated as grabbing the lo...
-
This test case implements a non-reentrant function that is called by a signal handler. The test case takes a control file and input string as input. The control file is used for timing and the input string is used as data for the test case to manipulate. The test case assigns a signal handler tha...
-
This test case implements a time of check time of use vulnerability that allows a DOS due to the input file being deleted before opening. The test case takes in a control file and an input file. The input file is checked to see if it is in the current working directory and exists. If both of thes...
-
This test case implements two threads that each use a separate mutex lock object while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to...
-
This test case implements a time of check time of use vulnerability that allows a DOS due to the input file being deleted before opening. The test case takes in a control file and an input file. The input file is checked to see if it is in the current working directory and exists. If both of thes...
-
This test case implements a missing lock check that allows two threads to access a shared character array simultaneously, leading to a null pointer deference. It takes an integer, the names of two control files, and an input string as input. The integer and two control files are used for timing, ...
-
This test case implements a non-reentrant function that uses a static integer to iterate through a string setting each character to null. The test case takes a control integer and an input string. The control integer is used for timing within the test case to ensure that we hit either a good or b...
-
This test case implements two threads that do not use synchronization while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to ensure tha...