SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #156345

Back to the previous page... Back to the previous page

Test Case IDCandidate156345
Bad / Good / MixedBadBad test case
AuthorIARPA STONESOUP Test and Evaluation team
Test suite: 102  
Application: 16  
Added byCharles Oliveira
Type of test caseSource Code
Input string
Expected Output
See src/build.xml.
Submission date2015-10-06
DescriptionThis test takes in data from an argument, that is intended
to contain parameters for an 'find' command. The test does not perform
checks on the parameters, however, and it is possible to include
other, unexpected commands as part of the find parameter set.

- Base program: JTree
- Source Taint: FILE_CONTENTS
- Data Type: SIMPLE
- Data Flow: BASIC
- Control Flow: SEQUENCE

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-088: Argument Injection or Modification on line(s): 155, 156