Tarpit-C is a collection of code snippets that mimic common vulnerable conditions found in C/C++ code such as buffer overflow, integer overflow, use-after-free, double free, underflows etc. The code snippets are generally not meant to compile. The can be used to learn how to perform investigations with Joern or Ocular.
| File | Description | CWE Category |
|---|---|---|
buffer_underwrite |
Buffer Underwrite ('Buffer Underflow') | 124 |
double_free.c |
Double Free | 415 |
use_after_free.c |
Use After Free | 416 |
heap_buffer_overflow.c |
Buffer Overflow (Heap) | 122 |
stack_buffer_overflow.c |
Buffer Overflow (Stack) | 121 |
signed_integer_overflow.c |
Integer Overflow | 190 |
| File | Description | CWE Category |
|---|---|---|
uncontrolled_format_string.c |
Use of Externally-Controlled Format String | 134 |
| File | Description | CWE Category |
|---|---|---|
numeric_truncate.c |
Numberic Truncation - a primitive is cast to a primitive of a smaller size and data is lost in the conversion | 197 |
We do not take responsibility for the way in which any one uses the code snippets. We have made the purposes of the application clear and it should not be used maliciously.