Description
This test case implements a single signal handler that is associated with two signals. The test case takes the names of two control files and an input string. The control files are used for timing within the test case to ensure that the test case follows an exploiting or benign execution path, and the input string is used as shared data for the threads to act upon. When executing, the test case assigns a signal hander to catch 'SIGURS1' that free()s an internal array, and if the input string starts with an 'A' assigns the same signal handler to catch 'SIGURS2'. If the test case receives both signals after registering the signal handler to both it will double free() the internal array causing a segfault.
Metadata
- Base program: Tree
- Source Taint: SOCKET
- Data Type: SIMPLE
- Data Flow: BASIC
- Control Flow: SEQUENCE
Flaws
Test Suites
IARPA STONESOUP Phase 3 - Test Cases
Documentation
Have any comments on this test case? Please, send us an email.