SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #154658

Back to the previous page... Back to the previous page

Test Case IDCandidate154658
Bad / Good / MixedBadBad test case
AuthorIARPA STONESOUP Test and Evaluation team
Associations
Test suite: 102  
Application: 11  
Added byCharles Oliveira
LanguageJava
Type of test caseSource Code
Input string
Expected Output
Instructions
See src/build.xml and src/maven-build.xml.
Submission date2015-10-06
DescriptionThis weakness takes a string in the form: '<qsize> <data>' where qsize is the size of the array to sort (used to delay execution) and data is a string that is used for processing. The contents of this string are unimportant. Two threads are created, one of which fails to check for a mutex lock leading to a null pointer dereference. In order to hit the weakness qsize >= 5000000, benign values should use qsize <= 50.
Metadata
- Base program: Apache Jena
- Source Taint: FILE_CONTENTS
- Data Type: ARRAY
- Data Flow: JAVA_GENERICS
- Control Flow: INTERPROCEDURAL_10
File(s)
Flaw

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-414: Missing Lock Check on line(s): 466, 467