Kaprica Security (KPRCA)
This application is a pizza ordering system. It is deisnged to help employees at a restaurant track order requests.
The service allows an employee to input an order into the tracking system. To prove that a user is trusted he or she must first authenticate into the system. Once Authenticated the user may:
The ordering system assumes all orders will always have at least one pizza. It uses this assumption to try and properly estimate a wait time. In order.cc:19 the initial max wait time is set to the 0th index pizza's prep time.
The bug is due to a missing check when removing a pizza from an in progress order. The text that suggests a user can remove a pizza from his or her order is missing. In the unpatched version the command parser will still allow you to enter the delete option and create an order with no pizzas. Printing the order causes the null pointer deference.
Null Pointer Dereference
Null Pointer Dereference (CWE-476)
This challenge will test a system's cabability against a C++ binary. The binary tries to include as many C++ paradigms as possible. Including namespaces, templates, multiple subclasses, etc. The bug itself is not specific to C++.
Curated by Lunge Technology, LLC. Questions or comments? Send us email