National Institute of Standards and Technology
Package illustrating a test case

Test case 153756

Description

This test case takes a buffer as input and copies it into another buffer, then converts the new buffer to uppercase and prints it. If the input is larger than the destination buffer, the copy overwrites memory past the end of that buffer (access with an incorrect length), because the strncpy call that performs the copy uses the input's length as its bound.
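
The copy-and-uppercase step described above, with the bound taken from the destination instead of the input. This is an added example, not the test case's source code; `DEST_SIZE`, `copy_upper` and the sample inputs are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define DEST_SIZE 64 /* assumed; the page does not give the real buffer size */

/*
 * Flawed pattern from the description, shown only as a comment:
 *     strncpy(dest, input, strlen(input));
 * The bound comes from the source, so any input of DEST_SIZE bytes or more
 * writes past dest. strncpy also leaves dest unterminated when the bound
 * equals the source length.
 */

/*
 * Hardened form (hypothetical helper): the bound comes from the destination.
 * Returns 0 on success, -1 if the input does not fit or an argument is bad.
 * Oversized input is rejected, not truncated, and dest is left empty.
 */
int copy_upper(char *dest, size_t dest_size, const char *input)
{
    size_t len = 0;

    if (dest == NULL || dest_size == 0)
        return -1;
    dest[0] = '\0';
    if (input == NULL)
        return -1;

    /* Measure the input, but never look further than dest can hold. */
    while (len < dest_size && input[len] != '\0')
        len++;
    if (len == dest_size)
        return -1; /* no room for the terminator */

    for (size_t i = 0; i < len; i++)
        dest[i] = (char)toupper((unsigned char)input[i]);
    dest[len] = '\0';
    return 0;
}

int main(void)
{
    char dest[DEST_SIZE];
    char big[2 * DEST_SIZE]; /* constructed oversized input */

    memset(big, 'a', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    printf("%d \"%s\"\n", copy_upper(dest, sizeof dest, "svn"), dest);
    printf("%d \"%s\"\n", copy_upper(dest, sizeof dest, big), dest);
    return 0;
}
```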

Metadata

- Base program: Subversion
- Source Taint: ENVIRONMENT_VARIABLE
- Data Type: SIMPLE
- Data Flow: ADDRESS_AS_LINEAR_EXPRESSION
- Control Flow: UNCONDITIONAL_JUMP
