Back to the previous page

Test Case ID	157012
Bad / Good / Mixed	Bad
Author	IARPA STONESOUP Test and Evaluation team
Associations	Test suite: 102 Application: 12
Added by	Charles Oliveira
Language	Java
Type of test case	Source Code
Input string
Expected Output
Instructions	See src/build.xml.
Submission date	2015-10-06
Description	The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service because of excessive looping. This test will try to access a user-controlled file, repeatedly trying if the access fails. The user provides an intentionally bad path, forcing the software to wait forever. Metadata - Base program: Apache JMeter - Source Taint: FILE_CONTENTS - Data Type: SIMPLE - Data Flow: BASIC - Control Flow: SEQUENCE
File(s)	GenericController.java (19.13 kB) service_mon.sh (100 B) http-test.jmx (9.25 kB) http-test.jmx (6.88 kB) http-test.jmx (7.28 kB) http-test.jmx (16.62 kB) http-test.jtl (1.77 kB) J-C606A-JMET-01-ST02-DT02-DF11-CF20-01.yaml (3.72 kB) runFifos.py (2.67 kB) J-C606A-JMET-01-ST02-DT02-DF11-CF20-01.xml (37.75 kB)
Flaw	CWE-606: Unchecked Input for Loop Condition • 17

There are no comments

Have any comments on this test case? Please, .

GenericController.java
service_mon.sh
http-test.jmx
http-test.jmx
http-test.jmx
http-test.jmx
http-test.jtl
J-C606A-JMET-01-ST02-DT02-DF11-CF20-01.yaml
runFifos.py

File Contains:
CWE-606: Unchecked Input for Loop Condition on line(s): 497, 498, 499, 500, 501, 502, 503, 504, 505, 506, 507, 508, 509, 510, 511, 512, 513