National Institute of Standards and Technology
Package illustrating a test case

Test case 152978

Description

This test case implements a heap allocated buffer that erroneously gets double free()'d causing a segfault. The test case takes an input string and copies it into a heap allocated buffer. It then checks to see if the first character is an 'a' or greater and if so, calls a function that finishes by free()ing the buffer. The test case then finishes execution and free()s the buffer, causing a double free if the first character was an 'a' or greater.
Metadata
- Base program: Wireshark
- Source Taint: SHARED_MEMORY
- Data Type: HEAP_POINTER
- Data Flow: ADDRESS_AS_FUNCTION_RETURN_VALUE
- Control Flow: POINTER_TO_FUNCTION

Flaws

Test Suites

Documentation

Have any comments on this test case? Please, send us an email.