SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security

View/Download Test Cases

Test Suite #6: ABM 1.0.1

Results: 112 test cases in 6 pages. Pages: 1 2 3 4 5 6
Go to page:

Select Test Case ID(up) Submission Date Language Type of Artifact Status Description Weakness Bad
Good
Mixed
15752006-06-22CSource CodeCandidate integer overflow results in a short malloc and an overflow. A guardiCWE-122: Heap-based Buffer Overflow
Bad test case
15742006-06-22CSource CodeDeprecated integer overflow results in a short malloc and an overflow. A guardiCWE-122: Heap-based Buffer Overflow
Good test case
15732006-06-22CSource CodeDeprecated integer overflow results in a short malloc and an overflow. A guardwCWE-122: Heap-based Buffer Overflow
Bad test case
15722006-06-22CSource CodeCandidate integer overflow results in a short malloc and an overflow.CWE-122: Heap-based Buffer Overflow
Bad test case
15712006-06-22JavaSource CodeCandidate An exception leaks internal path information to the user. (fixed ...None givenGood test case
15702006-06-22JavaSource CodeCandidate An exception leaks internal path information to the user.None givenBad test case
15692006-06-22JavaSource CodeCandidate The credentials for connecting to the database are hard-wired ...CWE-259: Use of Hard-coded Password
Good test case
15682006-06-22JavaSource CodeCandidate The credentials for connecting to the database are hard-wired ...CWE-259: Use of Hard-coded Password
Good test case
15672006-06-22JavaSource CodeCandidate The credentials for connecting to the database are hard-wired ...CWE-259: Use of Hard-coded Password
Bad test case
15662006-06-22CSource CodeDeprecated fgets is called with a correct bound.CWE-121: Stack-based Buffer Overflow
Good test case
15652006-06-22CSource CodeDeprecated fgets is called with an incorrect bound allowing a stack buffer ...CWE-121: Stack-based Buffer Overflow
Bad test case
15642006-06-22CSource CodeDeprecated fgets is used in place of gets with a proper bounds check.CWE-121: Stack-based Buffer Overflow
Good test case
15632006-06-22CSource CodeDeprecated gets is never safe for untrusted input due to lack of buffer ...CWE-121: Stack-based Buffer Overflow
Bad test case
15622006-06-22CSource CodeDeprecated Printf is called with a static format string. This is not a defect.CWE-134: Uncontrolled Format String
Good test case
15612006-06-22CSource CodeCandidate Printf is called with a format from a table. This is not a defect.CWE-134: Uncontrolled Format String
Good test case
15602006-06-22CSource CodeDeprecated Syslog is called with a programmer supplied format string.CWE-134: Uncontrolled Format String
Good test case
15592006-06-22CSource CodeDeprecated Syslog is called with a user supplied format string. An attempt wasmCWE-134: Uncontrolled Format String
Bad test case
15582006-06-22CSource CodeDeprecated Syslog is called with a programmer supplied format string.CWE-134: Uncontrolled Format String
Good test case
15572006-06-22CSource CodeCandidate Syslog is called with a user supplied format string.CWE-134: Uncontrolled Format String
Bad test case
15562006-06-22CSource CodeDeprecated Printf is called with a programmer supplied format string.CWE-134: Uncontrolled Format String
Good test case
1 2 3 4 5 6
Total of selected test cases: 112
Total pages: 6