SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #153777

Back to the previous page... Back to the previous page

Test Case IDCandidate153777
Bad / Good / MixedBadBad test case
AuthorIARPA STONESOUP Test and Evaluation team
Associations
Test suite: 102  
Application: 3  
Added byCharles Oliveira
LanguageC
Type of test caseSource Code
Input string
Expected Output
Instructions
See src/INSTALL file for instructions on how to install.
Submission date2015-10-06
DescriptionThis test case takes a buffer as input and copies it into another buffer. It then converts the new buffer to uppercase and prints it out. If the provided input is larger than the buffer it is being copied into, then this will result in a buffer overwrite due to access with an incorrect length. This is due to using the input length in the strncpy call used to copy the buffer.
Metadata
- Base program: GNU Grep
- Source Taint: FILE_CONTENTS
- Data Type: SIMPLE
- Data Flow: BASIC
- Control Flow: SEQUENCE
File(s)
Flaw

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-805: Buffer Access with Incorrect Length Value on line(s): 4085, 4086, 4087, 4088, 4089, 4090, 4091, 4092