Downloads:
Back to the previous page
| Test Case ID |  123313 |
| Bad / Good / Mixed | Mixed |
| Author | NSA/Center for Assured Software |
| Associations | |
| Added by | Charles Oliveira |
| Language | C++ |
| Type of test case | Source Code |
| Input string | |
| Expected Output | |
| Instructions | |
| Submission date | 2013-05-21 |
| Description | CWE: 90 LDAP Injection BadSource: listen_socket Read data using a listen socket (server side) GoodSource: Use a fixed string Sinks: BadSink : data concatenated into LDAP search, which could result in LDAP Injection Flow Variant: 62 Data flow: data flows using a C++ reference from one function to another in different source files |
| File(s) |
|
| Flaw |
There are no comments
Have any comments on this test case? Please,
.
- CWE90_LDAP_Injection__w32_wchar_t_listen_socket_62a.cpp
- CWE90_LDAP_Injection__w32_wchar_t_listen_socket_62b.cpp
- io.c
- std_testcase.h
- std_testcase_io.h
File Contains:
CWE-090: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') on line(s): 58
CWE-090: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') on line(s): 58