Downloads:
Back to the previous page
| Test Case ID |  156478 |
| Bad / Good / Mixed | Bad |
| Author | IARPA STONESOUP Test and Evaluation team |
| Associations | Test suite: 102 Application: 11 |
| Added by | Charles Oliveira |
| Language | Java |
| Type of test case | Source Code |
| Input string | |
| Expected Output | |
| Instructions | See src/build.xml and src/maven-build.xml. |
| Submission date | 2015-10-06 |
| Description | This test takes in data from an argument, that is intended to contain parameters for an 'find' command. The test does not perform checks on the parameters, however, and it is possible to include other, unexpected commands as part of the find parameter set. Metadata - Base program: Apache Jena - Source Taint: FILE_CONTENTS - Data Type: SIMPLE - Data Flow: JAVA_GENERICS - Control Flow: INFINITE_LOOP |
| File(s) |
|
| Flaw |
There are no comments
Have any comments on this test case? Please,
.
- LexerHost.java
- J-C088A-JENA-03-ST02-DT02-DF18-CF03-01.yaml
- service_mon.sh
- J-C088A-JENA-03-ST02-DT02-DF18-CF03-01.xml
- runFifos.py
File Contains:
CWE-088: Argument Injection or Modification on line(s): 1314, 1315
CWE-088: Argument Injection or Modification on line(s): 1314, 1315