The SAMATE Project | NIST | Department of Homeland Security

View/Download Test Cases

Test Suite #46: C Test Suite for Source Code Analyzer - false positive (deprecated)

Results: 73 test cases in 4 pages.

| Test Case ID | Submission Date | Language | Type of Artifact | Status | Description | Weakness | Bad / Good / Mixed |
|---|---|---|---|---|---|---|---|
| 1545 | 2006-06-22 | C | Source Code | Deprecated | A string decode function properly checks for termination and no ... | CWE-121: Stack-based Buffer Overflow | Good test case |
| 1547 | 2006-06-22 | C | Source Code | Deprecated | An ad hoc gets with bounds check does not allow a stack buffer to be o... | CWE-121: Stack-based Buffer Overflow | Good test case |
| 1549 | 2006-06-22 | C | Source Code | Deprecated | An ad-hoc string copy with bounds check does not overflows a ... | CWE-121: Stack-based Buffer Overflow | Good test case |
| 1556 | 2006-06-22 | C | Source Code | Deprecated | Printf is called with a programmer supplied format string. | CWE-134: Uncontrolled Format String | Good test case |
| 1560 | 2006-06-22 | C | Source Code | Deprecated | Syslog is called with a programmer supplied format string. | CWE-134: Uncontrolled Format String | Good test case |
| 1562 | 2006-06-22 | C | Source Code | Deprecated | Printf is called with a static format string. This is not a defect. | CWE-134: Uncontrolled Format String | Good test case |
| 1566 | 2006-06-22 | C | Source Code | Deprecated | fgets is called with a correct bound. | CWE-121: Stack-based Buffer Overflow | Good test case |
| 1574 | 2006-06-22 | C | Source Code | Deprecated | integer overflow results in a short malloc and an overflow. A guardi... | CWE-122: Heap-based Buffer Overflow | Good test case |
| 1586 | 2006-06-22 | C | Source Code | Deprecated | malloc'd data is freed. | CWE-401: Improper Release of Memory Before Removing Last Reference ('Memory Leak') | Good test case |
| 1589 | 2006-06-22 | C | Source Code | Deprecated | malloc'd data is freed in the caller. | CWE-401: Improper Release of Memory Before Removing Last Reference ('Memory Leak') | Good test case |
| 1591 | 2006-06-22 | C | Source Code | Deprecated | malloc'd data is freed only once. | CWE-415: Double Free | Good test case |
| 1602 | 2006-06-22 | C | Source Code | Deprecated | A strcpy does not overflows a stack buffer because a check is ... | CWE-121: Stack-based Buffer Overflow | Good test case |
| 1613 | 2006-06-22 | C | Source Code | Deprecated | A strncpy safely copies a string into a heap buffer. | CWE-122: Heap-based Buffer Overflow | Good test case |
| 1615 | 2006-06-22 | C | Source Code | Deprecated | A strcpy is used to copy a string into a heap buffer. The ... | CWE-122: Heap-based Buffer Overflow | Good test case |
| 1795 | 2007-01-11 | C | Source Code | Deprecated | This Cross-Site Scripting example shows how a CGI program in C takes t... | CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | Good test case |
| 1797 | 2007-01-11 | C | Source Code | Deprecated | The SQL Injection is possible because the arguments are not ... | CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | Good test case |
| 1799 | 2007-01-11 | C | Source Code | Deprecated | The SQL Injection is possible if the arguments are not validated. | CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | Good test case |
| 1801 | 2007-01-11 | C | Source Code | Deprecated | The SQL Injection is possible because the argument are not validated | CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | Good test case |
| 1828 | 2007-03-01 | C | Source Code | Deprecated | This test case shows a double free in a local control flow ... | CWE-415: Double Free | Good test case |
| 1830 | 2007-03-01 | C | Source Code | Deprecated | This test case shows a double free in a for loop structure. | CWE-415: Double Free | Good test case |
Total of selected test cases: 73
Total pages: 4