Downloads:
Back to the previous page
| Test Case ID |  154598 |
| Bad / Good / Mixed | Bad |
| Author | IARPA STONESOUP Test and Evaluation team |
| Associations | Test suite: 102 Application: 11 |
| Added by | Charles Oliveira |
| Language | Java |
| Type of test case | Source Code |
| Input string | |
| Expected Output | |
| Instructions | See src/build.xml and src/maven-build.xml. |
| Submission date | 2015-10-06 |
| Description | This weakness takes in an integer and string "int string" where the integer is the size of the array to sort for timing and the string contains the value that is acted upon by the treads, passed as a global static class. A divide by zero error occurs when the string starts with 'A' and the array size is significantly large. In practice the benign sort values are <50 and exploit are >5000000 to achieve (essentially) guaranteed effects. Metadata - Base program: Apache Jena - Source Taint: FILE_CONTENTS - Data Type: SIMPLE - Data Flow: ADDRESS_AS_CONSTANT - Control Flow: SEQUENCE |
| File(s) |
|
| Flaw |
There are no comments
Have any comments on this test case? Please,
.
- ComponentPatternParser.java
- runFifos.py
- service_mon.sh
- J-C821A-JENA-07-ST02-DT02-DF05-CF20-01.yaml
- J-C821A-JENA-07-ST02-DT02-DF05-CF20-01.xml
File Contains:
CWE-821: Incorrect Synchronization on line(s): 609, 610, 611, 612, 613, 614, 615
CWE-821: Incorrect Synchronization on line(s): 609, 610, 611, 612, 613, 614, 615