SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #152942

Back to the previous page... Back to the previous page

Test Case IDCandidate152942
Bad / Good / MixedBadBad test case
AuthorIARPA STONESOUP Test and Evaluation team
Test suite: 102  
Application: 18  
Added byCharles Oliveira
Type of test caseSource Code
Input string
Expected Output
See src/INSTALL file for instructions on how to install.
Submission date2015-10-06
DescriptionThis test case implements an unchecked write into a stack allocated buffer. The buffer is declared as a fixed size local variable within a function. Untrusted input is not properly sanitized or restricted before being copied into the target buffer, resulting in a buffer overflow. The overflow potentially modifies other local variables, depending on the layout of the stack. If the stack grows downward, the overflow will eventually overwrite %eip, smashing the stack or setting it to a valid instruction.
- Base program: Gimp
- Source Taint: SOCKET
- Data Type: TYPEDEF
- Data Flow: ADDRESS_ALIAS_1
- Control Flow: RECURSIVE

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') on line(s): 1265, 1266, 1267