National Institute of Standards and Technology
Package illustrating a test case

Test case 154472

Description

This test takes an integer and filename as input (int filename), and checks that the file exists, and is in the current directory. However there is a time of check,time of use vulnerability after the file is checked but before it is opened allowing the file to be deleted before opening causing a null pointer dereference.
Metadata
- Base program: Apache JMeter
- Source Taint: FILE_CONTENTS
- Data Type: SIMPLE
- Data Flow: BASIC
- Control Flow: SEQUENCE

Flaws

Test Suites

Documentation

Have any comments on this test case? Please, send us an email.