SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #153769

Back to the previous page... Back to the previous page

Test Case IDCandidate153769
Bad / Good / MixedBadBad test case
AuthorIARPA STONESOUP Test and Evaluation team
Associations
Test suite: 102  
Application: 17  
Added byCharles Oliveira
LanguageC
Type of test caseSource Code
Input string
Expected Output
Instructions
See src/INSTALL file for instructions on how to install.
Submission date2015-10-06
DescriptionThis test case creates a struct on the stack that contains a function pointer and a char*. It examines the length of the taint source. If the length is not equal to 10, it sets the function pointer and char* within the struct to benign values. If the length is equal to 10, it does not set the function pointer or char* inside the struct, leaving them uninitialized. Subsequently, the test case calls the function pointer from the struct, using the char* from the struct as an argument. If these values have not been initialized, this will result in a segmentation fault or illegal instruction fault.
Metadata
- Base program: FFmpeg
- Source Taint: FILE_CONTENTS
- Data Type: HEAP_POINTER
- Data Flow: ADDRESS_AS_NONLINEAR_EXPRESSION
- Control Flow: SET_JUMP_LONG_JUMP
File(s)
Flaw

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-824: Access of Uninitialized Pointer on line(s): 907, 908