Black, P.
(2018),
Juliet 1.3 Test Suite: Changes From 1.2, Technical Note (NIST TN), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.TN.1995
(Accessed April 20, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Juliet 1.3 Test Suite: Changes From 1.2
Published
Author(s)
Abstract
The Juliet test suite is a systematic set of thousands of small test programs in C/C++ and Java exhibiting over 100 classes of errors, such as buffer overflow, OS injection, hardcoded password, absolute path traversal, NULL pointer dereference, uncaught exception, deadlock, and missing release of resource. These test programs should be helpful in determining capabilities of software assurance tools, particularly static analyzers, in Unix, Microsoft Windows, and other environments. Juliet was developed by the National Security Agency's Center for Assured Software and first released in December 2010. It has been enhanced twice since then. Version 1.2 was released in May 2013 with a total of 86,864 test cases. Released in October 2017, version 1.3 fixes about two dozen systematic problems in version 1.2 and adds tests for pre- and postincrement and -decrement operators. This technical note details the changes from version 1.2 to 1.3. This note also lists the systematic problems that we know remain in Juliet 1.3.Citation
Technical Note (NIST TN) - 1995
Report Number
1995
NIST Pub Series
Pub Type
NIST Pubs
Download Paper
Keywords
buffer overflow, Bugs Framework (BF), Common Weakness Enumeration (CWE), cybersecurity, integer overflow, Juliet test suite, OS injection bugs, programming language test material, software assurance, software quality, static analysis, static source code analyzers.
Citation
Created June 14, 2018, Updated May 4, 2021