OpenSSL 1.0.1e Test suite #4
DownloadDescription
The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, fully featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. The project is managed by a worldwide community of volunteers that use the Internet to communicate, plan, and develop the OpenSSL toolkit and its related documentation.
This product contains or makes use of Intelligence Advanced Research Projects Activity (IARPA) data from the STONESOUP program. Any product, report, publication, presentation, or other document including or referencing the IARPA data herein should include this statement. All documents related to the STONESOUP program can be found at the documents page.NIST assumes no responsibility whatsoever for its use by other parties, and makes no guaranties, expressed or implied, about its quality, reliability, or any other characteristic.
Documentation
Displaying test cases 276 - 300 of 636 in total
-
This test case takes an integer and mods it by four. That resulting number is then used to divide the number 1024, and the result is then printed. If the source integer is directly divisible by 4, this will result in a divide by zero error. Metadata - Base program: OpenSSL - Source Taint: SHAR...
-
This test case takes a filename. It determines the size of the file, and attempts to check whether the size of the file is smaller than 128 characters. The arithmetic used in the if-check may cause an integer underflow, which will result in the if-check succeeding when it should fail. If the if-c...
-
Metadata - Base program: OpenSSL - Source Taint: SHARED_MEMORY - Data Type: ARRAY - Data Flow: ADDRESS_AS_NONLINEAR_EXPRESSION - Control Flow: CALLBACK
-
This weakness reads a number to be used as a loop counter. The loop counter is initially read as an unsigned long, then converted to an int. If the number read in is larger than MAX_UINT, it is silently converted to a negative number. This breaks the loop counter logic, resulting in an infinite l...
-
This weakness reads a number to be used as a loop counter. The loop counter is initially read as an unsigned long, then converted to an int. If the number read in is larger than MAX_UINT, it is silently converted to a negative number. This breaks the loop counter logic, resulting in an infinite l...
-
This test case takes a filename. It determines the size of the file, and attempts to check whether the size of the file is smaller than 128 characters. The arithmetic used in the if-check may cause an integer underflow, which will result in the if-check succeeding when it should fail. If the if-c...
-
This weakness reads a number to be used as a loop counter. The loop counter is initially read as an unsigned long, then converted to an int. If the number read in is larger than MAX_UINT, it is silently converted to a negative number. This breaks the loop counter logic, resulting in an infinite l...
-
Metadata - Base program: OpenSSL - Source Taint: SOCKET - Data Type: STRUCT - Data Flow: ADDRESS_AS_CONSTANT - Control Flow: INFINITE_LOOP
-
This test case squares a positive number. If the number is large enough, the square will wrap around and become a negative number. The test case then uses the number as a decrementing counter in a while loop. If the number is negative when entering the loop, the loop will never terminate. Metadat...
-
This test case takes a filename. It determines the size of the file, and attempts to check whether the size of the file is smaller than 128 characters. The arithmetic used in the if-check may cause an integer underflow, which will result in the if-check succeeding when it should fail. If the if-c...
-
This test case allocates a stack buffer of size 16. It takes the user input and performs a check to see if it is possible to copy the user input into a 16-byte buffer. If the user input is larger than 15 bytes, then the check method returns a -1. This value is converted to an unsigned type (size_...
-
This test case takes a filename. It determines the size of the file, and attempts to check whether the size of the file is smaller than 128 characters. The arithmetic used in the if-check may cause an integer underflow, which will result in the if-check succeeding when it should fail. If the if-c...
-
Metadata - Base program: OpenSSL - Source Taint: ENVIRONMENT_VARIABLE - Data Type: HEAP_POINTER - Data Flow: VAR_ARG_LIST - Control Flow: MACROS
-
This weakness reads a number to be used as a loop counter. The loop counter is initially read as an unsigned long, then converted to an int. If the number read in is larger than MAX_UINT, it is silently converted to a negative number. This breaks the loop counter logic, resulting in an infinite l...
-
This weakness reads a number and attempts to modify the two high bytes of it, if it is greater than 65535. If the calculation to modify the two high bytes is performed, it will happen incorrectly due to the placement of the pointer modification and it instead changes the bytes on function pointer...
-
This test case allocates a stack buffer of size 16. It takes the user input and performs a check to see if it is possible to copy the user input into a 16-byte buffer. If the user input is larger than 15 bytes, then the check method returns a -1. This value is converted to an unsigned type (size_...
-
This test case takes a filename. It determines the size of the file, and attempts to check whether the size of the file is smaller than 128 characters. The arithmetic used in the if-check may cause an integer underflow, which will result in the if-check succeeding when it should fail. If the if-c...
-
This weakness reads a number and attempts to modify the two high bytes of it, if it is greater than 65535. If the calculation to modify the two high bytes is performed, it will happen incorrectly due to the placement of the pointer modification and it instead changes the bytes on function pointer...
-
This test case takes an integer and checks for an upper limit. If the number is less than the upper limit, then, a buffer the size of the upper limit will be created and filled with 'a's. The buffer will then be filled with 'b's using the input integer. If the input is negative, this will result ...
-
This test case allocates a stack buffer of size 16. It takes the user input and performs a check to see if it is possible to copy the user input into a 16-byte buffer. If the user input is larger than 15 bytes, then the check method returns a -1. This value is converted to an unsigned type (size_...
-
This test case takes an integer and checks for an upper limit. If the number is less than the upper limit, then, a buffer the size of the upper limit will be created and filled with 'a's. The buffer will then be filled with 'b's using the input integer. If the input is negative, this will result ...
-
This weakness reads a number and attempts to modify the two high bytes of it, if it is greater than 65535. If the calculation to modify the two high bytes is performed, it will happen incorrectly due to the placement of the pointer modification and it instead changes the bytes on function pointer...
-
Metadata - Base program: OpenSSL - Source Taint: ENVIRONMENT_VARIABLE - Data Type: SIMPLE - Data Flow: ADDRESS_AS_LINEAR_EXPRESSION - Control Flow: RECURSIVE
-
This weakness reads a number and attempts to modify the two high bytes of it, if it is greater than 65535. If the calculation to modify the two high bytes is performed, it will happen incorrectly due to the placement of the pointer modification and it instead changes the bytes on function pointer...
-
This test case takes an unsigned long value and uses it in an initialization function for a struct. Within the initialization function, the long gets converted to an unsigned short when a struct uses the unsigned long as an initialization value for an unsigned short member. If the unsigned long n...