SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security

View/Download Test Cases

Test Suite #58: C++ Test Suite for Source Code Analyzer - false positive

Results: 39 test cases in 2 pages. Pages: 1 2
Go to page:

Select Test Case ID(down) Submission Date Language Type of Artifact Status Description Weakness Bad
Good
Mixed
19602007-07-13C++Source CodeCandidate users cannot add the arguments -debug -root to take advantage of ...CWE-489: Leftover Debug Code
Good test case
19662007-07-13C++Source CodeAccepted The test case is a basic CGI source code which allows Cross-Site ...CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Good test case
19682007-07-13C++Source CodeCandidate created objects are never destroyedCWE-401: Improper Release of Memory Before Removing Last Reference ('Memory Leak')
Good test case
19722007-07-13C++Source CodeAccepted user can input more then the max number of characters causing a ...CWE-121: Stack-based Buffer Overflow
Good test case
19742007-07-13C++Source CodeAccepted The test case is a basic CGI source code which allows Cross-Site ...CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Good test case
19762007-07-13C++Source CodeAccepted The test case is a basic CGI source code which allows Cross-Site ...CWE-079: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Good test case
19782007-07-13C++Source CodeCandidate Integer is not initiated before useCWE-457: Use of Uninitialized Variable
Good test case
19802007-07-13C++Source CodeAccepted By using a wrong pointer type, the program will output a ...CWE-468: Incorrect Pointer Scaling
Good test case
19842007-07-13C++Source CodeAccepted The test case has a SQL Injection weakness.CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Good test case
19862007-07-13C++Source CodeAccepted The test case has a SQL Injection weakness in a Scope complexity.CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Good test case
19882007-07-13C++Source CodeCandidate integer p is not initiated before its use in a for loopCWE-457: Use of Uninitialized Variable
Good test case
19902007-07-13C++Source CodeAccepted The test case has a SQL Injection weakness in a array index ...CWE-089: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Good test case
19922007-07-13C++Source CodeAccepted Throws and uncaught range check exceptionCWE-391: Unchecked Error Condition
Good test case
19942007-07-13C++Source CodeAccepted The pointer p is dereferenced even though the value is null.CWE-476: NULL Pointer Dereference
Good test case
19962007-07-13C++Source CodeAccepted The pointer is dereferenced even though the value is null in the ...CWE-476: NULL Pointer Dereference
Good test case
19982007-07-13C++Source CodeAccepted The pointer p is dereferenced even though the value is null.CWE-476: NULL Pointer Dereference
Good test case
20002007-07-13C++Source CodeAccepted Null Dereference in a Index Alias complexityCWE-476: NULL Pointer Dereference
Good test case
20222007-11-29C++Source CodeAccepted Assume all input is malicious. Use an appropriate combination of ...CWE-099: Improper Control of Resource Identifiers ('Resource Injection')
Good test case
20242007-11-29C++Source CodeAccepted Assume all input is malicious. Use an appropriate combination of ...CWE-099: Improper Control of Resource Identifiers ('Resource Injection')
Good test case
20252007-11-29C++Source CodeAccepted Assume all input is malicious. Use an appropriate combination of ...CWE-099: Improper Control of Resource Identifiers ('Resource Injection')
Good test case
1 2
Total of selected test cases: 39
Total pages: 2