Creating test case using base program. Added a Socket Server to accept communication from untrusted source. Completed injection. UNSPECIFIED UNSPECIFIED $SS_TC_ROOT/$SS_TC_INSTALL/bin/wireshark $SS_TC_ROOT/testData/input.pcap ./configure --prefix="$SS_TC_ROOT/$SS_TC_INSTALL" --enable-wireshark --with-gtk3=yes --without-lua --without-qt --with-gcrypt --with-gnutls --with-libsmi --with-pcap --with-zlib --without-portaudio --without-libcap --without-krb5 --with-cres --with-adns --with-geoip make V=1 CC="$SS_CC" make install V=1 Open saved .pcap file If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-01/output.txt DOES_NOT_RETURN CONTROLLED_EXIT export first 50 packets from saved pcap, run md5sum on newly created pcap If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-02/output.txt DOES_NOT_RETURN CONTROLLED_EXIT jump to packet 10 If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-03/output.txt DOES_NOT_RETURN CONTROLLED_EXIT open statistical summary If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-04/output.txt DOES_NOT_RETURN CONTROLLED_EXIT open protocol hierarchy If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so GOOD-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-05/output.txt DOES_NOT_RETURN CONTROLLED_EXIT follow a tcp stream If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so GOOD-06 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-06/output.txt DOES_NOT_RETURN CONTROLLED_EXIT run a display filter for http If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-07/output.txt DOES_NOT_RETURN CONTROLLED_EXIT export a .png from captured http traffic, run an md5, compare with known good If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-08/output.txt DOES_NOT_RETURN CONTROLLED_EXIT search for a string If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so GOOD-09 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-09/output.txt DOES_NOT_RETURN CONTROLLED_EXIT open io graph If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-10/output.txt DOES_NOT_RETURN CONTROLLED_EXIT If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference DOS_UNCONTROLLED_EXIT $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so weakness_started_4X2i8hNocNvI3jrYvJQw AND ((NOT PERFORMER AND (segfault_code_vLwsN11CWP OR segfault_code_KyBkUaluiI OR segfault_code_zjR4nrrbLo OR segfault_code_NKnAWP47CZ OR segfault_code_fcUzRzGxVa OR segfault_msg_Pj3HAeh71b OR illegal_inst_msg_0k51sxCQi4) AND NOT timeout_PIhBIfaRMQ) or (PERFORMER AND NOT ((segfault_code_vLwsN11CWP OR segfault_code_KyBkUaluiI OR segfault_code_zjR4nrrbLo OR segfault_code_NKnAWP47CZ OR segfault_code_fcUzRzGxVa OR segfault_msg_Pj3HAeh71b OR illegal_inst_msg_0k51sxCQi4) OR timeout_PIhBIfaRMQ OR controlled_exit_p3aGZIiYtQ))) (NOT PERFORMER AND (segfault_code_vLwsN11CWP OR segfault_code_KyBkUaluiI OR segfault_code_zjR4nrrbLo OR segfault_code_NKnAWP47CZ OR segfault_code_fcUzRzGxVa OR segfault_msg_Pj3HAeh71b OR illegal_inst_msg_0k51sxCQi4) AND NOT timeout_PIhBIfaRMQ) or (PERFORMER AND NOT ((segfault_code_vLwsN11CWP OR segfault_code_KyBkUaluiI OR segfault_code_zjR4nrrbLo OR segfault_code_NKnAWP47CZ OR segfault_code_fcUzRzGxVa OR segfault_msg_Pj3HAeh71b OR illegal_inst_msg_0k51sxCQi4) OR timeout_PIhBIfaRMQ OR controlled_exit_p3aGZIiYtQ)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start If a value is seen that doesn't contain 'aba', the taint buffer gets set to null and strlen is called, causing a null pointer dereference DOS_UNCONTROLLED_EXIT $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so weakness_started_QIs7pwesY5VBzbzVi6Rt AND ((NOT PERFORMER AND (segfault_code_q6t3Ww02Cz OR segfault_code_F3DstVOO7v OR segfault_code_epfjbJXBeU OR segfault_code_eyriTZhLqt OR segfault_code_f09Rr4mI4q OR segfault_msg_E2HR4SZXLc OR illegal_inst_msg_RfiSLZi4fX) AND NOT timeout_ssfzt5fAPu) or (PERFORMER AND NOT ((segfault_code_q6t3Ww02Cz OR segfault_code_F3DstVOO7v OR segfault_code_epfjbJXBeU OR segfault_code_eyriTZhLqt OR segfault_code_f09Rr4mI4q OR segfault_msg_E2HR4SZXLc OR illegal_inst_msg_RfiSLZi4fX) OR timeout_ssfzt5fAPu OR controlled_exit_UzoWKNsmO1))) (NOT PERFORMER AND (segfault_code_q6t3Ww02Cz OR segfault_code_F3DstVOO7v OR segfault_code_epfjbJXBeU OR segfault_code_eyriTZhLqt OR segfault_code_f09Rr4mI4q OR segfault_msg_E2HR4SZXLc OR illegal_inst_msg_RfiSLZi4fX) AND NOT timeout_ssfzt5fAPu) or (PERFORMER AND NOT ((segfault_code_q6t3Ww02Cz OR segfault_code_F3DstVOO7v OR segfault_code_epfjbJXBeU OR segfault_code_eyriTZhLqt OR segfault_code_f09Rr4mI4q OR segfault_msg_E2HR4SZXLc OR illegal_inst_msg_RfiSLZi4fX) OR timeout_ssfzt5fAPu OR controlled_exit_UzoWKNsmO1)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start