Test Plan 2009 07 29

1. Testing Regular Expressions

1.1 Requirements to be tested

Testing the ability of the program to find attack surface (user input points) and pull out the proper variable names.

1.2 Oracle

  • Success: Program correctly identifies attack surface and has the correct variable name

OR

  • Failure: Program fails to identify attack surface OR pulls the wrong variable name

1.3 Test Execution

Sample code (attached below: source1.c) was scanned successfully, except for a bug found in the previous round of testing that has not yet been fixed.

1.4 Result Summary

Success: The program traced the variable 'name' through the file.

2. Testing Regular Expressions

2.1 Requirements to be tested

Testing the ability of the program to find attack surface (user input points) and pull out the proper variable names.

2.2 Oracle

  • Success: Program correctly identifies attack surface and has the correct variable name

OR

  • Failure: Program fails to identify attack surface OR pulls the wrong variable name

2.3 Test Execution

Sample code (attached below: source2.c) contains a scanf call.

2.4 Result Summary

Failure: The program appears to have missed the scanf call (it returned no output for RATS to scan).

3. Testing Regular Expressions

3.1 Requirements to be tested

Testing the ability of the program to find attack surface (user input points) and pull out the proper variable names.

3.2 Oracle

  • Success: Program correctly identifies attack surface and has the correct variable name

OR

  • Failure: Program fails to identify attack surface OR pulls the wrong variable name

3.3 Test Execution

Sample code (attached below: source3.zip) contains a scanf call and a fixed-size array.

3.4 Result Summary

Success: The program appears to have correctly identified the variable to track through the program.

4. Testing Regular Expressions

4.1 Requirements to be tested

Testing the ability of the program to find attack surface (user input points) and pull out the proper variable names.

4.2 Oracle

  • Success: Program correctly identifies attack surface and has the correct variable name

OR

  • Failure: Program fails to identify attack surface OR pulls the wrong variable name

4.3 Test Execution

Sample code (attached below: source4.c) contains a memcpy call.

4.4 Result Summary

Failure: The program fails to identify the memcpy call [memcpy(session->peer_challenge, reply->challenge, reply->count);].

5. Testing Regular Expressions

5.1 Requirements to be tested

Testing the ability of the program to find attack surface (user input points) and pull out the proper variable names.

5.2 Oracle

  • Success: Program correctly identifies attack surface and has the correct variable name

OR

  • Failure: Program fails to identify attack surface OR pulls the wrong variable name

5.3 Test Execution

Sample code (attached below: source5.c) was scanned; it includes a vsnprintf call [vsnprintf(buff, sizeof (buff), fmt, args);].

5.4 Result Summary

Failure: The program did not locate the vsnprintf call.

6. Testing Regular Expressions

6.1 Requirements to be tested

Testing the ability of the program to find attack surface (user input points) and pull out the proper variable names.

6.2 Oracle

  • Success: Program correctly identifies attack surface and has the correct variable name

OR

  • Failure: Program fails to identify attack surface OR pulls the wrong variable name

6.3 Test Execution

Sample code (attached below: source6.c) was scanned; it includes a bcopy call [bcopy(hp->h_addr, (char *) &(aconf->ipnum), sizeof(struct in_addr));].

6.4 Result Summary

Failure: The bcopy call was not located in the file.

7. Testing Regular Expressions

7.1 Requirements to be tested

Testing the ability of the program to find attack surface (user input points) and pull out the proper variable names.

7.2 Oracle

  • Success: Program correctly identifies attack surface and has the correct variable name

OR

  • Failure: Program fails to identify attack surface OR pulls the wrong variable name

7.3 Test Execution

Sample code (attached below: source7.c) was scanned; it includes several strcat calls [strcat (full_filename, "/lib");].

7.4 Result Summary

Failure: The strcat and strcpy calls were not found.

8. Testing Regular Expressions

8.1 Requirements to be tested

Testing the ability of the program to find attack surface (user input points) and pull out the proper variable names.

8.2 Oracle

  • Success: Program correctly identifies attack surface and has the correct variable name

OR

  • Failure: Program fails to identify attack surface OR pulls the wrong variable name

8.3 Test Execution

Sample code (attached below: source8.zip) was scanned; it includes several gets calls.

8.4 Result Summary

Success: The program located the gets calls and traced their variables.

9. Testing Regular Expressions

9.1 Requirements to be tested

Testing the ability of the program to find attack surface (user input points) and pull out the proper variable names, then display them to the user by showing the variable name and the lines where that variable was found in the code.

9.2 Oracle

  • Success: Program correctly identifies attack surface and has the correct variable name and displays the information properly.

OR

  • Failure: Program fails to identify attack surface OR pulls the wrong variable name OR displays the information wrong.

9.3 Test Execution

Sample code (attached below: source9.c) was scanned; it contains many different function calls that the program should find.

9.4 Result Summary

Failure: The GUI displays the variable names [f] and [pid] with no associated line numbers.
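Every test above exercises the same step: a regular expression finds the input or sink call, the argument that receives data is pulled out as the variable to trace, and the line number is recorded. The Python scanner below is an added example (not the program under test) that performs that step over a constructed sample built from the calls this plan quotes; it handles the three shapes where a naive "name(" pattern or a split on commas breaks: a space before the parenthesis (strcat), casts and nested parentheses (bcopy), and struct member paths (memcpy). The function list, DEST_ARG table and sample text are assumptions made for the example.

```python
import re

# Input/sink functions named in the test plan; the scanner itself is an added example.
SINK_FUNCS = ("scanf", "gets", "memcpy", "bcopy", "strcat", "strcpy", "vsnprintf")
# Argument that receives the data (the variable worth tracing): index 0 unless
# the function is scanf (after the format string) or bcopy (src, dst, n).
DEST_ARG = {"scanf": 1, "bcopy": 1}
# "\s*" before "(" is what lets "strcat (full_filename, ...)" match at all.
CALL_RE = re.compile(r"\b(" + "|".join(SINK_FUNCS) + r")\s*\(")

def _split_args(text):
    """Top-level args of the call whose '(' was just consumed; nested parens stay."""
    args, cur, depth, in_str = [], [], 0, False
    for i, ch in enumerate(text):
        if in_str:                      # inside a string literal: copy verbatim
            in_str = not (ch == '"' and text[i - 1] != "\\")
        elif ch == '"':
            in_str = True
        elif ch in "()":
            depth += 1 if ch == "(" else -1
            if depth < 0:               # the call's own closing paren
                args.append("".join(cur).strip())
                return args
        elif ch == "," and depth == 0:  # argument separator
            args.append("".join(cur).strip())
            cur = []
            continue
        cur.append(ch)
    raise ValueError("unterminated call: " + text)

def _var_name(expr):
    """Reduce an argument to the variable it names: drop casts and '&', keep a->b paths."""
    expr = re.sub(r"\([^()]*\*\s*\)", "", expr)   # strip casts such as (char *)
    m = re.search(r"[A-Za-z_]\w*(?:(?:->|\.)[A-Za-z_]\w*)*", expr)
    return m.group(0) if m else None

def find_sinks(source):
    """Yield (line_no, func, dest_var) for every sink call found in C source."""
    for no, line in enumerate(source.splitlines(), 1):
        for m in CALL_RE.finditer(line):
            args = _split_args(line[m.end():])
            dest = args[min(DEST_ARG.get(m.group(1), 0), len(args) - 1)]
            yield no, m.group(1), _var_name(dest)

# Constructed sample built from the calls the plan quotes (not the attached files).
SAMPLE = """\
scanf("%s", name);
memcpy(session->peer_challenge, reply->challenge, reply->count);
bcopy(hp->h_addr, (char *) &(aconf->ipnum), sizeof(struct in_addr));
strcat (full_filename, "/lib");
"""
```

Running list(find_sinks(SAMPLE)) yields one (line, function, variable) tuple per call, which is exactly the line-number-plus-variable pairing that test 9 expects the GUI to display.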
