SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #149333

Back to the previous page... Back to the previous page

Test Case IDCandidate149333
Bad / Good / MixedBadBad test case
AuthorIARPA STONESOUP Test and Evaluation team
Associations
Test suite: 102  
Application: 5  
Added byCharles Oliveira
LanguageC
Type of test caseSource Code
Input string
Expected Output
Instructions
See src/INSTALL file for instructions on how to install.
Submission date2015-10-06
DescriptionThis test case reads entries from a comma-separated-value file. It expects to read 3 strings from a file in the format: double quote, up to 79 characters, double quote, comma; double quote, up to 79 characters, double quote, comma; and double quote, up to 79 characters, double quote. The test case then creates an array of 3 pointers, setting each pointer to NULL initially. It checks each string read from the file, and if the length of the string from the file is non-zero, it sets the corresponding pointer to that string. It then writes each of these three pointers to another file, using fputs. If the file is not in the format expected, the three strings will not be read in properly. Some of the pointers in the array of 3 pointers will then not be set correctly and will remain NULL. When the test case tries to write the strings to the output file, it will receive a segmentation fault on the fputs call.
Metadata
- Base program: PostgreSQL
- Source Taint: SOCKET
- Data Type: ARRAY
- Data Flow: ADDRESS_AS_CONSTANT
- Control Flow: MACROS
File(s)
Flaw

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-476: NULL Pointer Dereference on line(s): 2725, 2726, 2727, 2728, 2729, 2730, 2731, 2732, 2733, 2734