National Institute of Standards and Technology
Package illustrating a test case

Test case 153733

Description

This test case implements an unchecked write into a stack allocated buffer. The buffer is declared as a fixed size local variable within a function. Untrusted input is not properly sanitized or restricted before being copied into the target buffer, resulting in a buffer overflow. The overflow potentially modifies other local variables, depending on the layout of the stack. If the stack grows downward, the overflow will eventually overwrite %eip, smashing the stack or setting it to a valid instruction.
Metadata
- Base program: Wireshark
- Source Taint: SHARED_MEMORY
- Data Type: TYPEDEF
- Data Flow: INDEX_ALIAS_50
- Control Flow: UNCONDITIONAL_JUMP

Flaws

Test Suites

Documentation

Have any comments on this test case? Please, send us an email.