Back to the previous page
Test Case ID | ![]() |
Bad / Good / Mixed | Bad![]() |
Author | IARPA STONESOUP Test and Evaluation team |
Associations | Test suite: 102 Application: 14 |
Added by | Charles Oliveira |
Language | Java |
Type of test case | Source Code |
Input string | |
Expected Output | |
Instructions | See src/BUILD.txt file for instructions on how to install. |
Submission date | 2015-10-06 |
Description | This weakness takes a value and converts it to upper case. If it contains characters not a-zA-Z, then the function used to covert to upper case will return null. After converting the value to upper case it is compared to a static password. This comparison will cause an error if the value contained a number, punctuation, space, etc. Metadata - Base program: Apache Lucene - Source Taint: FILE_CONTENTS - Data Type: SIMPLE - Data Flow: ADDRESS_AS_FUNCTION_RETURN_VALUE - Control Flow: SEQUENCE |
File(s) |
|
Flaw |
There are no comments
Have any comments on this test case? Please,
.
- WeakIdentityMap.java
- service_mon.sh
- J-C252A-LUCE-08-ST02-DT02-DF06-CF20-01.xml
- runFifos.py
- J-C252A-LUCE-08-ST02-DT02-DF06-CF20-01.yaml
File Contains:
CWE-252: Unchecked Return Value on line(s): 190, 191, 192, 193, 194, 195, 196, 197
CWE-252: Unchecked Return Value on line(s): 190, 191, 192, 193, 194, 195, 196, 197