Deprecated test suite
C Test Suite for Source Code Analyzer - false positive
This test suite tests Source Code Security Analyzers based on functional requirement SCA-RM-6, specified in the "Source Code Security Analysis Tool Functional Specification".
Displaying test cases 1 - 10 of 73 in total
- Printf is called with a programmer-supplied format string.
- A string decode function properly checks for termination and no buffer overflow occurs.
- An ad hoc gets with bounds check does not allow a stack buffer to be overrun.
- An ad hoc string copy with bounds check does not overflow a stack buffer.
- Syslog is called with a programmer-supplied format string.
- Printf is called with a static format string. This is not a defect.
- fgets is called with a correct bound.
- Integer overflow results in a short malloc and an overflow. A guard is put in place to protect against the overflow.
- malloc'd data is freed.
- malloc'd data is freed in the caller.