1  /* Adapted from
       2       https://samate.nist.gov/SARD/downloads/test-suites/2013-02-07-basic-cwe-effectiveness-cwe-121-stack-based-buffer-overflow-for-c.zip
       3     Part of https://samate.nist.gov/SARD/test-suites/81:
       4     See:
       5       Black, P. , Koo, H. and Irish, T. (2013), A Basic CWE-121 Buffer Overflow Effectiveness Test Suite, Proc. 6th Latin-American Symposium on Dependable Computing, Rio de Janeiro, -1, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=913117 (Accessed January 17, 2023)
       6  */
       7  
       8  /* This software was developed at the National Institute of Standards and
       9   * Technology by employees of the Federal Government in the course of their
      10   * official duties. Pursuant to title 17 Section 105 of the United States
      11   * Code this software is not subject to copyright protection and is in the
      12   * public domain. NIST assumes no responsibility whatsoever for its use by
      13   * other parties, and makes no guarantees, expressed or implied, about its
      14   * quality, reliability, or any other characteristic.
      15  
      16   * We would appreciate acknowledgement if the software is used.
      17   * The SAMATE project website is: http://samate.nist.gov
      18  */
      19  
      20  #include <stdlib.h>
      21  
      22  int main(int argc, char *argv[])
      23  {
      24  	char bStr[10];
      25  	for (unsigned i=1;i<=10;++i) {
      26  		bStr[i] = (char)i + 'a'; /* { dg-warning "stack-based buffer overflow" "PR analyzer/108432" { xfail *-*-* } } */
      27  	}
      28  	return 0;
      29  }