Creating test case using base program. Added a Socket Server to accept communication from untrusted source. Completed injection. UNSPECIFIED UNSPECIFIED $SS_TC_ROOT/$SS_TC_INSTALL/bin/grep ./configure --prefix="$SS_TC_ROOT/$SS_TC_INSTALL" --exec-prefix="$SS_TC_ROOT/$SS_TC_INSTALL" --with-included-regex make V=1 CC="$SS_CC" CCLD="$SS_LNK" make V=1 install CC="$SS_CC" CCLD="$SS_LNK" all words beginning with e or x, case sensitive Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 ^[ex] input/dict.txt STDOUT-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-01/std-out.txt DOES_NOT_RETURN CONTROLLED_EXIT find BIRMINGHAM, ignore case, recursive Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 -r -i BIRMINGHAM input/zip/ STDOUT-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-02/std-out.txt DOES_NOT_RETURN CONTROLLED_EXIT read extented regular expressions from file Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 -E -f input/grep-good-03-expr.txt input/mktsymbols.txt STDOUT-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-03/std-out.txt DOES_NOT_RETURN CONTROLLED_EXIT search for entire words matching a specific pattern Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 -w -f input/grep-good-04-expr.txt input/mktsymbols.txt STDOUT-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-04/std-out.txt DOES_NOT_RETURN CONTROLLED_EXIT use mmap(), find NASDAQ in file Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 --mmap NASDAQ input/mktsymbols.txt STDOUT-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-05/std-out.txt DOES_NOT_RETURN CONTROLLED_EXIT match lines not containing NASDAQ, ignore case, count Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 -v -i -c NASDAQ input/mktsymbols.txt STDOUT-06 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-06/std-out.txt DOES_NOT_RETURN CONTROLLED_EXIT grep stdin (a device), match words beginning w/ D, P, or Z, redirect file into stdin Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 -D read -e ^[DPZ] /dev/stdin < input/mktsymbols.txt STDOUT-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-07/std-out.txt DOES_NOT_RETURN CONTROLLED_EXIT extended grep, print number of lines of context Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 -E -C 15 ^[BRT] input/mktsymbols.txt STDOUT-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-08/std-out.txt DOES_NOT_RETURN CONTROLLED_EXIT lines not beginning w/ B, R or T Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 -v ^[BRT] input/mktsymbols.txt STDOUT-09 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-09/std-out.txt DOES_NOT_RETURN CONTROLLED_EXIT count lines not beginning w/ B, R or T Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 -c -v ^[BRT] input/mktsymbols.txt STDOUT-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-10/std-out.txt DOES_NOT_RETURN CONTROLLED_EXIT Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash DOS_UNCONTROLLED_EXIT $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 -v -i -c NASDAQ input/mktsymbols.txt weakness_started_IPx07REJ56qyaVWoqi4v AND ((NOT PERFORMER AND (segfault_code_xExnKmzvKj OR segfault_code_pV68xAnyN7 OR segfault_code_QWqQdhAubs OR segfault_code_3kKOjM6wSi OR segfault_code_GWmLmKWoMp OR segfault_msg_oS9BIURvCJ OR illegal_inst_msg_MXwHGW9VA7 OR segfault_glibc_MDcuQ1vdqJ) AND NOT timeout_MZr7PU3Ixp) or (PERFORMER AND NOT ((segfault_code_xExnKmzvKj OR segfault_code_pV68xAnyN7 OR segfault_code_QWqQdhAubs OR segfault_code_3kKOjM6wSi OR segfault_code_GWmLmKWoMp OR segfault_msg_oS9BIURvCJ OR illegal_inst_msg_MXwHGW9VA7 OR segfault_glibc_MDcuQ1vdqJ) OR timeout_MZr7PU3Ixp OR controlled_exit_6vG0EhS0SI))) (NOT PERFORMER AND (segfault_code_xExnKmzvKj OR segfault_code_pV68xAnyN7 OR segfault_code_QWqQdhAubs OR segfault_code_3kKOjM6wSi OR segfault_code_GWmLmKWoMp OR segfault_msg_oS9BIURvCJ OR illegal_inst_msg_MXwHGW9VA7 OR segfault_glibc_MDcuQ1vdqJ) AND NOT timeout_MZr7PU3Ixp) or (PERFORMER AND NOT ((segfault_code_xExnKmzvKj OR segfault_code_pV68xAnyN7 OR segfault_code_QWqQdhAubs OR segfault_code_3kKOjM6wSi OR segfault_code_GWmLmKWoMp OR segfault_msg_oS9BIURvCJ OR illegal_inst_msg_MXwHGW9VA7 OR segfault_glibc_MDcuQ1vdqJ) OR timeout_MZr7PU3Ixp OR controlled_exit_6vG0EhS0SI)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None glibc detected None stonesoup_trace:weakness_start Has a buffer declared on the stack and populated from input data via strncpy. If input begins with a lower case letter oor a higher ascii value, it will crash DOS_UNCONTROLLED_EXIT $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 -v -i -c NASDAQ input/mktsymbols.txt weakness_started_6qluOIzbw4pJjZ1jOOsV AND ((NOT PERFORMER AND (segfault_code_AfyL3LtAaY OR segfault_code_ais721C78r OR segfault_code_gv1bqVevfA OR segfault_code_CRzaHeuWJj OR segfault_code_QcU3ZMUrWK OR segfault_msg_VRoxSfcVKE OR illegal_inst_msg_ZKcGiikaNR OR segfault_glibc_bWSmris2Zd) AND NOT timeout_TqA22v2ZlW) or (PERFORMER AND NOT ((segfault_code_AfyL3LtAaY OR segfault_code_ais721C78r OR segfault_code_gv1bqVevfA OR segfault_code_CRzaHeuWJj OR segfault_code_QcU3ZMUrWK OR segfault_msg_VRoxSfcVKE OR illegal_inst_msg_ZKcGiikaNR OR segfault_glibc_bWSmris2Zd) OR timeout_TqA22v2ZlW OR controlled_exit_HCzKNSnPJU))) (NOT PERFORMER AND (segfault_code_AfyL3LtAaY OR segfault_code_ais721C78r OR segfault_code_gv1bqVevfA OR segfault_code_CRzaHeuWJj OR segfault_code_QcU3ZMUrWK OR segfault_msg_VRoxSfcVKE OR illegal_inst_msg_ZKcGiikaNR OR segfault_glibc_bWSmris2Zd) AND NOT timeout_TqA22v2ZlW) or (PERFORMER AND NOT ((segfault_code_AfyL3LtAaY OR segfault_code_ais721C78r OR segfault_code_gv1bqVevfA OR segfault_code_CRzaHeuWJj OR segfault_code_QcU3ZMUrWK OR segfault_msg_VRoxSfcVKE OR illegal_inst_msg_ZKcGiikaNR OR segfault_glibc_bWSmris2Zd) OR timeout_TqA22v2ZlW OR controlled_exit_HCzKNSnPJU)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None glibc detected None stonesoup_trace:weakness_start