CANDIDATE Source Code Analysis Tool Functional Specification Test Suite Test suite #37
Description
This test suite contains all test cases that can be used to test a general purpose, production source code analysis tool implementation against the SAMATE Source Code Analysis Tool Functional Specification.
Displaying test cases 26 - 34 of 34 in total
-
Simple test of tool ability to identify a double free weakness.
-
Test of tool ability to identify a potential problem with the use of a static internal buffer.
-
A file is accessed multiple times by name in a publicly accessible directory. A race condition exists between the accesses where an attacker can replace the file referenced by the name. PLOVER: RACE.TOCTOU
-
Test if tool can detect a heap inspection vulnerability.
-
Test of tool ability to identify use of an uninitialized variable.
-
A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as the POSIX malloc() call. (from TCCLASP-5_2_4_10)
-
Test of tool ability to identify a NULL pointer dereference.
-
Format string problems occur when a user has the ability to control or write completely the format string used to format data in the printf-style family of C/C++ functions. (from TCCLASP-5_2_23_10)
-
Command injection problems are a subset of injection problems, in which the process is tricked into calling external processes of the attacker's choice through the injection of control-plane data into the data plane. (from TCCLASP-5_2_25_10)