SAMATE Logo NIST Logo The SAMATE Project Department of Homeland Security
Downloads:  Download this Test Case #156949

Back to the previous page... Back to the previous page

Test Case IDCandidate156949
Bad / Good / MixedBadBad test case
AuthorIARPA STONESOUP Test and Evaluation team
Associations
Test suite: 102  
Application: 15  
Added byCharles Oliveira
LanguageJava
Type of test caseSource Code
Input string
Expected Output
Instructions
See src/docs/howtobuild.html file for instructions on how to install.
Submission date2015-10-06
DescriptionTest will take in a value that is a path to a file under
the working directory that will then be displayed. The path isn't checked
for ../ characters and as a result will display files outside of the
current working directory.

Metadata
- Base program: Apache POI
- Source Taint: SOCKET
- Data Type: VOID_POINTER
- Data Flow: JAVA_GENERICS
- Control Flow: INTERPROCEDURAL_2
File(s)
Flaw

There are no comments
Have any comments on this test case? Please, .

File Contains:
CWE-023: Relative Path Traversal on line(s): 376, 377, 378, 379, 380, 381, 382, 383, 384, 385, 386, 387, 388, 389, 390, 391, 392, 393, 394, 395, 396, 397, 398, 399, 400, 401, 402, 403, 404, 405, 406, 407, 408, 409, 410, 411