The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service because of excessive looping. This test will try to access a user-controlled file, repeatedly trying if the access fails. The user provides an intentionally bad path, forcing the software to wait forever. FALSE org.apache.jmeter.NewDriver $SS_TC_ROOT/$SS_TC_INSTALL/classes/core:$SS_TC_ROOT/$SS_TC_INSTALL/classes/components:$SS_TC_ROOT/$SS_TC_INSTALL/classes/functions:$SS_TC_ROOT/$SS_TC_INSTALL/classes/jorphan:$SS_TC_ROOT/$SS_TC_INSTALL/classes/junit:$SS_TC_ROOT/$SS_TC_INSTALL/classes/monitor:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/ftp:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/http:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/java:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/jdbc:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/jms:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/ldap:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/mail:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/native:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/tcp:$SS_TC_ROOT/$SS_TC_INSTALL/classes/reports:$SS_TC_ROOT/$SS_TC_INSTALL/classes/res:$SS_TC_ROOT/$SS_TC_INSTALL/lib/*:$SS_TC_ROOT/$SS_TC_INSTALL/lib/opt/*:$SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar UNSPECIFIED UNSPECIFIED java $SS_JAVA_OPTS -Djava.library.path=$SS_TC_DEPS/lib64/ -cp $SS_JAVA_CLASSPATH -Djmeter.home="$SS_TC_ROOT/$SS_TC_INSTALL" org.apache.jmeter.NewDriver env ANT_HOME=$SS_TC_DEPS/ant ant $SS_ANT_OPTS -Dstonesoup.database.postgres.required=no -Dstonesoup.hibernate.postgres.required=no -Dstonesoup.hibernate.mysql.required=no -Dstonesoup.database.mysql.required=no -Dstonesoup.socket.required=no -lib $SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar -Dstonesoup.socket.lib.dir="$SS_TC_DEPS/java/stonesoup/socket" -Dstonesoup.hibernate.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/mysql" -Dstonesoup.hibernate.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/postgres" -Dstonesoup.database.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/database/mysql" -Dstonesoup.database.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/database/postgres" -Ddist.dir="$SS_TC_ROOT/$SS_TC_INSTALL" -Dbuild.dir="$SS_TC_ROOT/$SS_TC_INSTALL" -Dstonesoup.lttng.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng" -Dstonesoup.lttng.dummy.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng-dummy" compile prepare-resources prepare-nonjar-dist -Dbuild.dir=$SS_TC_ROOT/$SS_TC_INSTALL/classes cp -r lib $SS_TC_ROOT/$SS_TC_INSTALL cp -r bin $SS_TC_ROOT/$SS_TC_INSTALL Environment variable defining test value. NONE $SS_TC_ROOT/$SS_TC_INSTALL /etc/passwd $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-01/CSVSample.jmx STDOUT-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-01/CSVSample.jtl s="true" lb="Login as u1" rc="200" rm="OK" tn="Thread Group 1-1" dt="text" by="15" DOES_NOT_RETURN CONTROLLED_EXIT Environment variable defining test value. NONE $SS_TC_ROOT/$SS_TC_INSTALL tempfile.txt data $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-02/http-test.jmx STDOUT-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-02/http-test.jtl good-02/http-test.jtl DOES_NOT_RETURN CONTROLLED_EXIT Environment variable defining test value. NONE $SS_TC_ROOT/$SS_TC_INSTALL /etc/passwd $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-03/http-test.jmx STDOUT-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-03/http-test.jtl good-03/http-test.jtl DOES_NOT_RETURN CONTROLLED_EXIT Environment variable defining test value. NONE $SS_TC_ROOT/$SS_TC_INSTALL tempfile.txt data $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-04/http-test.jmx STATUS-CHECK-01 AND STATUS-CHECK-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT bash -c "if [[ $(grep -E '<httpSample s=\"true\" lb=\"Homepage\" rc=\"200\" rm=\"OK\" tn=\"Thread Group 1-[1-5]\" dt=\"text\"/>' ../testData/good-04/http-test.jtl | wc -l) -eq 50 ]]; then true; else false; fi" bash -c "if [[ $(grep -E '<httpSample s=\"true\" lb=\"PageOne\" rc=\"200\" rm=\"OK\" tn=\"Thread Group 1-[1-5]\" dt=\"text\"/>' ../testData/good-04/http-test.jtl | wc -l) -eq 50 ]]; then true; else false; fi" DOES_NOT_RETURN CONTROLLED_EXIT Environment variable defining test value. NONE $SS_TC_ROOT/$SS_TC_INSTALL /etc/passwd $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-05/http-test.jmx STDOUT-05 AND GOOD-05-HOSTNAME AND GOOD-05-LS AND GOOD-05-NETSTAT AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-05/http-test.jtl good-05/http-test.jtl if [[ -a good-05/hostname.out ]]; then exit 0; else exit 1; fi; if [[ -a good-05/ls.out ]]; then exit 0; else exit 1; fi; if [[ -a good-05/netstat.out ]]; then exit 0; else exit 1; fi; DOES_NOT_RETURN CONTROLLED_EXIT Environment variable defining test value. DOS_BLOCKING $SS_TC_ROOT/$SS_TC_INSTALL doesntexist.txt $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-04/http-test.jmx weakness_started_mjZyHSDJNVQR5u4UqLsP AND ((NOT PERFORMER AND (timeout_xSN1cNQeUu OR (NOT (finished_mbT0b9S5LC AND finished_OvDlCUIgdy) AND NOT (controlled_exit_PMW8KruMKO OR continued_execution_3x7B0mxsI0)))) or (PERFORMER AND NOT ((timeout_xSN1cNQeUu OR (NOT (finished_mbT0b9S5LC AND finished_OvDlCUIgdy) AND NOT (controlled_exit_PMW8KruMKO OR continued_execution_3x7B0mxsI0)))))) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION if (( $(/bin/grep "Found file." "logfile.txt" | wc -l) > 0 )); then true; else false; fi; if (( $(/bin/grep -E 'Reading ".+"' "logfile.txt" | wc -l) > 0 )); then true; else false; fi; None stonesoup_trace:weakness_start Environment variable defining test value. DOS_BLOCKING $SS_TC_ROOT/$SS_TC_INSTALL alsodoesntexist.dat $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-03/http-test.jmx weakness_started_OqSOPquvbX9lRZpv9mxi AND ((NOT PERFORMER AND (timeout_9lLyM8Hjxw OR (NOT (finished_VM9sfmM032 AND finished_eo5zdK8f0K) AND NOT (controlled_exit_lBFalHxBwP OR continued_execution_7spe64tkUk)))) or (PERFORMER AND NOT ((timeout_9lLyM8Hjxw OR (NOT (finished_VM9sfmM032 AND finished_eo5zdK8f0K) AND NOT (controlled_exit_lBFalHxBwP OR continued_execution_7spe64tkUk)))))) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION if (( $(/bin/grep "Found file." "logfile.txt" | wc -l) > 0 )); then true; else false; fi; if (( $(/bin/grep -E 'Reading ".+"' "logfile.txt" | wc -l) > 0 )); then true; else false; fi; None stonesoup_trace:weakness_start