Tree 1.7.0 Test suite #6
DownloadDescription
Tree is a recursive directory listing command that produces a depth indented listing of files, which is colorized ala dircolors if the LS_COLORS environment variable is set and output is to tty. Tree has been ported and reported to work under the following operating systems: Linux, FreeBSD, OS X, Solaris, HP/UX, Cygwin, HP Nonstop and OS/2.
This product contains or makes use of Intelligence Advanced Research Projects Activity (IARPA) data from the STONESOUP program. Any product, report, publication, presentation, or other document including or referencing the IARPA data herein should include this statement. All documents related to the STONESOUP program can be found at the documents page.NIST assumes no responsibility whatsoever for its use by other parties, and makes no guaranties, expressed or implied, about its quality, reliability, or any other characteristic.
Documentation
-
This test case implements two threads that each use a separate mutex lock object while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to...
-
This test case takes the name of an externally accessible file as input, and treats the file as a global mutex lock. The test case will attempt to 'grab' the mutex lock by checking for the files existence, and creating it if it doesn't exist. The creation of the file is treated as grabbing the lo...
-
This test case implements a non-reentrant function that is called by a signal handler. The test case takes a control file and input string as input. The control file is used for timing and the input string is used as data for the test case to manipulate. The test case assigns a signal handler tha...
-
This test case implements a single signal handler that is associated with two signals. The test case takes the names of two control files and an input string. The control files are used for timing within the test case to ensure that the test case follows an exploiting or benign execution path, an...
-
This test case implements two threads that each use a separate mutex lock object while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to...
-
This test case implements a time of check time of use vulnerability that allows arbitrary link following. The test case takes in a control file and an input file. The input file is checked to see if it is in the current working directory and not a symbolic link. If both of these conditions are tr...
-
This test case implements two threads that lock a counting semaphore multiple times, causing a deadlock if the lock is locked more times that it is unlocked. The test case takes a string as input and if the input string contains spaces spawns two threads, the first of which locks a semaphore twic...
-
This test case implements an asynchronous unsafe signal handler that access a string without properly null checking the pointer. The test case takes the name of a control file and an input string. The control file is used for timing within the test case to ensure that the test case follows an exp...
-
This test case implements two threads that do not use synchronization while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to ensure tha...
-
This test case implements a missing lock check that allows two threads to access a shared character array simultaneously, leading to a null pointer deference. It takes an integer, the names of two control files, and an input string as input. The integer and two control files are used for timing, ...
-
This test case implements two threads that each use a separate mutex lock object while accessing a shared resource. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files are used for timing within the test case to...
-
This test case uses a counting semaphore initialized to one count of a shared resource to implement multiple unlocks of a critical resource for certain input. The test case takes a control integer, the names of two control files, and an input string. The control integer and the two control files ...
-
This test case implements a time of check time of use vulnerability that allows arbitrary link following. The test case takes in a control file and an input file. The input file is checked to see if it is in the current working directory and not a symbolic link. If both of these conditions are tr...
-
This test case implements a missing lock check that allows two threads to access a shared character array simultaneously, leading to a null pointer deference. It takes an integer, the names of two control files, and an input string as input. The integer and two control files are used for timing, ...
-
This test case implements a non-reentrant function that is called by a signal handler. The test case takes a control file and input string as input. The control file is used for timing and the input string is used as data for the test case to manipulate. The test case assigns a signal handler tha...
-
This test case implements a non-reentrant function that uses a static integer to iterate through a string setting each character to null. The test case takes a control integer and an input string. The control integer is used for timing within the test case to ensure that we hit either a good or b...
-
This test case implements a non-reentrant function that uses a static integer to iterate through a string setting each character to null. The test case takes a control integer and an input string. The control integer is used for timing within the test case to ensure that we hit either a good or b...
-
This test case squares a positive number. If the number is large enough, the square will wrap around and become a negative number. The test case then uses the number as a decrementing counter in a while loop. If the number is negative when entering the loop, the loop will never terminate. Metadat...
-
This weakness reads a number to be used as a loop counter. The loop counter is initially read as an unsigned long, then converted to an int. If the number read in is larger than MAX_UINT, it is silently converted to a negative number. This breaks the loop counter logic, resulting in an infinite l...
-
This test case allocates a stack buffer of size 16. It takes the user input and performs a check to see if it is possible to copy the user input into a 16-byte buffer. If the user input is larger than 15 bytes, then the check method returns a -1. This value is converted to an unsigned type (size_...
-
This test case squares a positive number. If the number is large enough, the square will wrap around and become a negative number. The test case then uses the number as a decrementing counter in a while loop. If the number is negative when entering the loop, the loop will never terminate. Metadat...
-
This test case squares a positive number. If the number is large enough, the square will wrap around and become a negative number. The test case then uses the number as a decrementing counter in a while loop. If the number is negative when entering the loop, the loop will never terminate. Metadat...
-
This weakness reads a number to be used as a loop counter. The loop counter is initially read as an unsigned long, then converted to an int. If the number read in is larger than MAX_UINT, it is silently converted to a negative number. This breaks the loop counter logic, resulting in an infinite l...
-
This test case allocates a stack buffer of size 16. It takes the user input and performs a check to see if it is possible to copy the user input into a 16-byte buffer. If the user input is larger than 15 bytes, then the check method returns a -1. This value is converted to an unsigned type (size_...
-
This test case takes an integer and mods it by four. That resulting number is then used to divide the number 1024, and the result is then printed. If the source integer is directly divisible by 4, this will result in a divide by zero error. Metadata - Base program: Tree - Source Taint: SHARED_...