SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #156392

Back to the previous page... Back to the previous page

Test Case IDCandidate156392
Bad / Good / MixedBadBad test case
AuthorIARPA STONESOUP Test and Evaluation team
Associations
Test suite: 102  
Application: 16  
Added byCharles Oliveira
LanguageJava
Type of test caseSource Code
Input string
Expected Output
Instructions
See src/build.xml.
Submission date2015-10-06
DescriptionThis test takes in data from an argument, that is intended
to contain parameters for an 'find' command. The test does not perform
checks on the parameters, however, and it is possible to include
other, unexpected commands as part of the find parameter set.

Metadata
- Base program: JTree
- Source Taint: ENVIRONMENT_VARIABLE
- Data Type: SIMPLE
- Data Flow: BASIC
- Control Flow: SEQUENCE
File(s)
Flaw

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-088: Argument Injection or Modification on line(s): 126, 127