The SAMATE Project - NIST - Department of Homeland Security

View/Download Test Cases

Test Suite #45: C Test Suite for Source Code Analyzer - weakness (deprecated)

Results: 77 test cases in 4 pages.

| Test Case ID | Submission Date | Language | Type of Artifact | Status | Description | Weakness | Bad/Good/Mixed |
|---|---|---|---|---|---|---|---|
| 1737 | 2006-08-17 | C | Source Code | Deprecated | Test if tool can detect a heap inspection vulnerability. | CWE-244: Improper Clearing of Heap Memory Before Release ('Heap Inspection') | Bad test case |
| 1612 | 2006-06-22 | C | Source Code | Deprecated | An strncpy is used to copy a string but the length is given ... | CWE-122: Heap-based Buffer Overflow | Bad test case |
| 1611 | 2006-06-22 | C | Source Code | Deprecated | An strcpy overflows a heap buffer. | CWE-122: Heap-based Buffer Overflow | Bad test case |
| 1590 | 2006-06-22 | C | Source Code | Deprecated | malloc'd data is freed before being returned to the caller and freed a | CWE-415: Double Free | Bad test case |
| 1588 | 2006-06-22 | C | Source Code | Deprecated | malloc'd data is returned to the caller but never freed. | CWE-401: Improper Release of Memory Before Removing Last Reference ('Memory Leak') | Bad test case |
| 1585 | 2006-06-22 | C | Source Code | Deprecated | malloc'd data is never freed and all pointers to the data are lost. | CWE-401: Improper Release of Memory Before Removing Last Reference ('Memory Leak') | Bad test case |
| 1565 | 2006-06-22 | C | Source Code | Deprecated | fgets is called with an incorrect bound allowing a stack buffer ... | CWE-121: Stack-based Buffer Overflow | Bad test case |
| 1563 | 2006-06-22 | C | Source Code | Deprecated | gets is never safe for untrusted input due to lack of buffer ... | CWE-121: Stack-based Buffer Overflow | Bad test case |
| 1548 | 2006-06-22 | C | Source Code | Deprecated | An ad-hoc string copy without bounds check overflows a stack buffer. | CWE-121: Stack-based Buffer Overflow | Bad test case |
| 1544 | 2006-06-22 | C | Source Code | Deprecated | A string decode function misses a termination check which allows the d | CWE-121: Stack-based Buffer Overflow | Bad test case |
| 1446 | 2006-02-17 | C | Source Code | Deprecated | Attempted "double free" of allocated memory. | CWE-415: Double Free | Bad test case |
| 111 | 2006-01-04 | C | Source Code | Deprecated | System() is called with user-provided data. PLOVER: CODE.EVAL | CWE-078: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | Bad test case |
| 102 | 2006-01-04 | C | Source Code | Deprecated | A file is accessed multiple times by name in a publicly accessible d | CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition | Bad test case |
| 99 | 2006-01-04 | C | Source Code | Deprecated | malloc'd data is freed more than once. PLOVER: MISC.DFREE | CWE-415: Double Free | Bad test case |
| 93 | 2006-01-04 | C | Source Code | Deprecated | Syslog is called with a user supplied format string. PLOVER: ... | CWE-134: Uncontrolled Format String | Bad test case |
| 92 | 2006-01-04 | C | Source Code | Deprecated | Printf is called with a user supplied format string. PLOVER: ... | CWE-134: Uncontrolled Format String | Bad test case |
| 10 | 2005-10-27 | C | Source Code | Deprecated | Format string problems occur when a user has the ability to ... | CWE-134: Uncontrolled Format String | Bad test case |