Back to the previous page

Test Case ID	156703
Bad / Good / Mixed	Bad
Author	IARPA STONESOUP Test and Evaluation team
Associations	Test suite: 102 Application: 12
Added by	Charles Oliveira
Language	Java
Type of test case	Source Code
Input string
Expected Output
Instructions	See src/build.xml.
Submission date	2015-10-06
Description	The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service because of excessive looping. This test will try to access a user-controlled file, repeatedly trying if the access fails. The user provides an intentionally bad path, forcing the software to wait forever. Metadata - Base program: Apache JMeter - Source Taint: SOCKET - Data Type: SIMPLE - Data Flow: BASIC - Control Flow: SEQUENCE
File(s)	GenericController.java (23.2 kB) service_mon.sh (100 B) http-test.jmx (9.25 kB) http-test.jmx (6.88 kB) http-test.jmx (7.28 kB) http-test.jmx (16.62 kB) http-test.jtl (1.77 kB) J-C606A-JMET-01-ST03-DT02-DF11-CF20-01.xml (38.66 kB) runFifos.py (2.67 kB) J-C606A-JMET-01-ST03-DT02-DF11-CF20-01.yaml (2.75 kB)
Flaw	CWE-606: Unchecked Input for Loop Condition • 16

There are no comments

Have any comments on this test case? Please, .

GenericController.java
service_mon.sh
http-test.jmx
http-test.jmx
http-test.jmx
http-test.jmx
http-test.jtl
J-C606A-JMET-01-ST03-DT02-DF11-CF20-01.xml
runFifos.py

File Contains:
CWE-606: Unchecked Input for Loop Condition on line(s): 600, 601, 602, 603, 604, 605, 606, 607, 608, 609, 610, 611, 612, 613, 614, 615