SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #154578

Back to the previous page... Back to the previous page

Test Case IDCandidate154578
Bad / Good / MixedBadBad test case
AuthorIARPA STONESOUP Test and Evaluation team
Test suite: 102  
Application: 11  
Added byCharles Oliveira
Type of test caseSource Code
Input string
Expected Output
See src/build.xml and src/maven-build.xml.
Submission date2015-10-06
DescriptionThis weakness takes an integer and string as input (int string) where the integer is the size of the array to sort for timing and the string is the data that is acted upon. The weakness spawns two threads, both of which in turn call the function 'arrFunc' which is non-reentrant. 'arrFunc' uses a static integer to iterate through the string which can lead to multiple increments of j per iteration of the for loop causing a StringIndexOutOfBoundsException if 'arrFunc' is run simultaneously by two or more threads.

- Base program: Apache Jena
- Source Taint: SOCKET
- Data Type: ARRAY
- Control Flow: RECURSIVE

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-663: Use of a Non-reentrant Function in a Concurrent Context on line(s): 1007, 1008, 1009, 1010, 1011, 1012, 1013, 1014, 1015, 1016, 1017, 1018, 1019, 1020, 1021, 1022, 1023, 1024, 1025






Contact: :: Created: Jan. 2006 :: Updated: Nov. 2017 :: Version: 4.9