Test case 155392

Type: source code
State: bad
Author: IARPA STONESOUP Test and Evaluation team
Status: candidate
Language: Java
Application: cpe:2.3:a:apache:jena:2.11.0:-:*:*:*:*:*:*
Submission Date: 06 Oct 2015

Description

This test takes in a value from a taint source,
which is then used to allocate an array. This value is
positive when stored in a byte, but if the value is between 128 and
255, becomes negative if stored in a byte. When this negative value
is stored in a larger container (an int) it becomes a very large
number. When this number is used as part of a loop, it results in an
out of bounds exception.
Metadata
- Base program: Apache Jena
- Source Taint: ENVIRONMENT_VARIABLE
- Data Type: ARRAY
- Data Flow: ADDRESS_AS_FUNCTION_RETURN_VALUE
- Control Flow: CALLBACK

Flaws

CWE-194 Unexpected Sign Extension

Test Suites

IARPA STONESOUP Phase 3 - Test Cases
Apache Jena 2.11.0

Documentation

Overview.pdf
Test Case Creation Guide.pdf
Weaknesses Documentation.pdf
TEXAS User Guide.pdf
Communication API Guide.pdf
System Design Document.pdf
Test and Evaluation Phase 3 Final Report.pdf
Test Generation Report
Kestrel Institute Report.pdf

Have any comments on this test case? Please, send us an email.