Downloads:
Back to the previous page
| Test Case ID |  149383 |
| Bad / Good / Mixed | Bad |
| Author | IARPA STONESOUP Test and Evaluation team |
| Associations | Test suite: 102 Application: 8 |
| Added by | Charles Oliveira |
| Language | C |
| Type of test case | Source Code |
| Input string | |
| Expected Output | |
| Instructions | See src/INSTALL file for instructions on how to install. |
| Submission date | 2015-10-06 |
| Description | This test case looks for the substring 'aba' within the taint source. If it finds the substring, it sets a pointer called stonesoup_second_buff to the beginning of the 'aba' substring, and the weakness continues without incident. If it does not find the substring, stonesoup_second_buff retains its initial value of NULL. The weakness subsequently calculates the length of stonesoup_second_buff, using strlen. If stonesoup_second_buff is NULL, this causes a segmentation fault. Metadata - Base program: Wireshark - Source Taint: SOCKET - Data Type: ARRAY - Data Flow: VAR_ARG_LIST - Control Flow: INTERPROCEDURAL_10 |
| File(s) |
|
| Flaw |
There are no comments
Have any comments on this test case? Please,
.
- main_statusbar.c
- runFifos.py
- service_mon.sh
- C-C476B-WIRE-08-ST03-DT01-DF12-CF14-01.xml
- C-C476B-WIRE-08-ST03-DT01-DF12-CF14-01.yaml
File Contains:
CWE-476: NULL Pointer Dereference on line(s): 1188, 1189, 1190
CWE-476: NULL Pointer Dereference on line(s): 1188, 1189, 1190