Test case 1288

Cves: CVE-1999-0878
Type: source code
Pairs: 1287-v1.0.0
State: good
Author: MIT
Status: candidate
Language: C
Submission Date: 24 Jan 2006

Description

Mapped CHDIR overflow CA-1999-13, CVE-1999-0878.
Patched version.
From MIT benchmarks (models/wu-ftpd/f1)
Unchecked strcpy and strcat calls that copy tainted pathnames into a buffer.
Patched file: mapped-path-ok.c
Patched line number: 102, 144, 148, 167

Flaws

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Test Suites

Testing Exploitable Buffer Overflows From Open Source Code

Have any comments on this test case? Please, send us an email.