National Institute of Standards and Technology
Package illustrating a test case

Test case 154492

Description

This test takes an integer and filename as input (int filename), and checks that the file exists, and is in the current directory. However there is a time of check,time of use vulnerability after the file is checked but before it is opened allowing the file to be deleted before opening causing a null pointer dereference.
Metadata
- Base program: Apache Jena
- Source Taint: ENVIRONMENT_VARIABLE
- Data Type: VOID_POINTER
- Data Flow: BASIC
- Control Flow: INFINITE_LOOP

Flaws

Test Suites

Documentation

Have any comments on this test case? Please, send us an email.