ABM 1.0.1 Test suite #35
DownloadDescription
Fortify Software\''s Analyzer BenchMark v. 1.0.1
Displaying test cases 76 - 100 of 112 in total
-
An unsafe function is used causing the entire container to exit.
-
An unsafe function is used causing the entire container to exit.
-
Tainted output allows cross-site scripting attack.
-
Tainted output allows cross-site scripting attack.
-
Tainted output allows cross-site scripting attack. (fixed version 2)
-
Printf is called with a user supplied format string.
-
Printf is called with a programmer supplied format string.
-
Syslog is called with a programmer supplied format string.
-
System() is called with user-provided data but the data is strictly scrutinized first.
-
A string decode function misses a termination check which allows the decode to proceed past the end of the buffer.
-
A string decode function properly checks for termination and no buffer overflow occurs.
-
An ad hoc gets without bounds checkes allows a stack buffer to be overrun.
-
An ad hoc gets with bounds check does not allow a stack buffer to be overrun.
-
An ad-hoc string copy without bounds check overflows a stack buffer.
-
An ad-hoc string copy with bounds check does not overflows a stack buffer.
-
Syslog is called with a user supplied format string. An attempt was made to preformat the buffer but the vulnerability remains.
-
Syslog is called with a programmer supplied format string.
-
Printf is called with a static format string. This is not a defect.
-
gets is never safe for untrusted input due to lack of buffer length checks.
-
fgets is used in place of gets with a proper bounds check.
-
fgets is called with an incorrect bound allowing a stack buffer to be overrun.
-
fgets is called with a correct bound.
-
integer overflow results in a short malloc and an overflow. A guard was put in place to protect the overflow but the guard is incorrect.
-
integer overflow results in a short malloc and an overflow. A guard is put in place to protect against the overflow.
-
malloc\'d data is never freed and all pointers to the data are lost.