FFmpeg 1.2.2 Test suite #17
DownloadDescription
FFmpeg is the leading multimedia framework, able to decode, encode, transcode, mux, demux, stream, filter and play pretty much anything that humans and machines have created. It supports the most obscure ancient formats up to the cutting edge. No matter if they were designed by some standards committee, the community or a corporation. It is also highly portable: FFmpeg compiles, runs, and passes our testing infrastructure FATE across Linux, Mac OS X, Microsoft Windows, the BSDs, Solaris, etc. under a wide variety of build environments, machine architectures, and configurations.
This product contains or makes use of Intelligence Advanced Research Projects Activity (IARPA) data from the STONESOUP program. Any product, report, publication, presentation, or other document including or referencing the IARPA data herein should include this statement. All documents related to the STONESOUP program can be found at the documents page.NIST assumes no responsibility whatsoever for its use by other parties, and makes no guaranties, expressed or implied, about its quality, reliability, or any other characteristic.
Documentation
Displaying test cases 201 - 225 of 637 in total
-
This test case implements an asynchronous unsafe signal handler that access a string without properly null checking the pointer. The test case takes the name of a control file and an input string. The control file is used for timing within the test case to ensure that the test case follows an exp...
-
This test case implements a time of check time of use vulnerability that allows a DOS due to the input file being deleted before opening. The test case takes in a control file and an input file. The input file is checked to see if it is in the current working directory and exists. If both of thes...
-
C programs have two main options for mutual exclusion of a shared resource in a concurrent setting: the mutex lock and the semaphore. Mutex locks exist in two states, locked and unlocked. However a semaphore, more specifically a counting semaphore, can be used to keep track of an arbitrary number...
-
This test case implements two threads that do not use synchronization while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to ensure tha...
-
This test case implements a single signal handler that is associated with two signals. The test case takes the names of two control files and an input string. The control files are used for timing within the test case to ensure that the test case follows an exploiting or benign execution path, an...
-
This test case implements two threads that lock a counting semaphore multiple times, causing a deadlock if the lock is locked more times that it is unlocked. The test case takes a string as input and if the input string contains spaces spawns two threads, the first of which locks a semaphore twic...
-
This test case implements a double checked lock around the initialization of a shared struct in an attempt to be efficient. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test...
-
C programs have two main options for mutual exclusion of a shared resource in a concurrent setting: the mutex lock and the semaphore. Mutex locks exist in two states, locked and unlocked. However a semaphore, more specifically a counting semaphore, can be used to keep track of an arbitrary number...
-
This test case implements two threads that do not use synchronization while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to ensure tha...
-
This test case implements a time of check time of use vulnerability that allows arbitrary link following. The test case takes in a control file and an input file. The input file is checked to see if it is in the current working directory and not a symbolic link. If both of these conditions are tr...
-
This test case implements a double checked lock around the initialization of a shared struct in an attempt to be efficient. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test...
-
This test case implements a time of check time of use vulnerability that allows a DOS due to the input file being deleted before opening. The test case takes in a control file and an input file. The input file is checked to see if it is in the current working directory and exists. If both of thes...
-
This test case uses a counting semaphore initialized to one count of a shared resource to implement multiple unlocks of a critical resource for certain input. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files ...
-
This weakness reads a number to be used as a loop counter. The loop counter is initially read as an unsigned long, then converted to an int. If the number read in is larger than MAX_UINT, it is silently converted to a negative number. This breaks the loop counter logic, resulting in an infinite l...
-
This test case takes an unsigned long value and uses it in an initialization function for a struct. Within the initialization function, the long gets converted to an unsigned short when a struct uses the unsigned long as an initialization value for an unsigned short member. If the unsigned long n...
-
Metadata - Base program: FFmpeg - Source Taint: ENVIRONMENT_VARIABLE - Data Type: STRUCT - Data Flow: ADDRESS_AS_LINEAR_EXPRESSION - Control Flow: INDIRECTLY_RECURSIVE
-
This test case takes an integer and mods it by four. That resulting number is then used to divide the number 1024, and the result is then printed. If the source integer is directly divisible by 4, this will result in a divide by zero error. Metadata - Base program: FFmpeg - Source Taint: FILE_...
-
This weakness reads a number and attempts to modify the two high bytes of it, if it is greater than 65535. If the calculation to modify the two high bytes is performed, it will happen incorrectly due to the placement of the pointer modification and it instead changes the bytes on function pointer...
-
This weakness reads a number to be used as a loop counter. The loop counter is initially read as an unsigned long, then converted to an int. If the number read in is larger than MAX_UINT, it is silently converted to a negative number. This breaks the loop counter logic, resulting in an infinite l...
-
This test case converts a user string to a short, and then converts that short to an unsigned int. If the short is negative, this will result in unexpected sign extension. The unsigned int value is used to determine how much data to read from a file, resulting in massive buffer overwrite if the f...
-
This weakness reads a number and attempts to modify the two high bytes of it, if it is greater than 65535. If the calculation to modify the two high bytes is performed, it will happen incorrectly due to the placement of the pointer modification and it instead changes the bytes on function pointer...
-
This test case takes a filename. It determines the size of the file, and attempts to check whether the size of the file is smaller than 128 characters. The arithmetic used in the if-check may cause an integer underflow, which will result in the if-check succeeding when it should fail. If the if-c...
-
This test case takes an integer and checks for an upper limit. If the number is less than the upper limit, then, a buffer the size of the upper limit will be created and filled with 'a's. The buffer will then be filled with 'b's using the input integer. If the input is negative, this will result ...
-
This test case takes a filename. It determines the size of the file, and attempts to check whether the size of the file is smaller than 128 characters. The arithmetic used in the if-check may cause an integer underflow, which will result in the if-check succeeding when it should fail. If the if-c...
-
This test case squares a positive number. If the number is large enough, the square will wrap around and become a negative number. The test case then uses the number as a decrementing counter in a while loop. If the number is negative when entering the loop, the loop will never terminate. Metadat...