Downloads:
Back to the previous page
| Test Case ID |  154492 |
| Bad / Good / Mixed | Bad |
| Author | IARPA STONESOUP Test and Evaluation team |
| Associations | Test suite: 102 Application: 11 |
| Added by | Charles Oliveira |
| Language | Java |
| Type of test case | Source Code |
| Input string | |
| Expected Output | |
| Instructions | See src/build.xml and src/maven-build.xml. |
| Submission date | 2015-10-06 |
| Description | This test takes an integer and filename as input (int filename), and checks that the file exists, and is in the current directory. However there is a time of check,time of use vulnerability after the file is checked but before it is opened allowing the file to be deleted before opening causing a null pointer dereference. Metadata - Base program: Apache Jena - Source Taint: ENVIRONMENT_VARIABLE - Data Type: VOID_POINTER - Data Flow: BASIC - Control Flow: INFINITE_LOOP |
| File(s) |
|
| Flaw |
There are no comments
Have any comments on this test case? Please,
.
- IRIImpl.java
- runFifos.py
- service_mon.sh
- preprocess_daemon_script_01.sh
- J-C367A-JENA-06-ST01-DT03-DF11-CF03-01.yaml
- J-C367A-JENA-06-ST01-DT03-DF11-CF03-01.xml
File Contains:
CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition on line(s): 206, 207, 208, 209, 210, 211, 212, 213, 214, 215
CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition on line(s): 206, 207, 208, 209, 210, 211, 212, 213, 214, 215