Creating test case using base program.
Added an environment variable read to the function definition.
Completed injection.
UNSPECIFIED
UNSPECIFIED
$SS_TC_ROOT/$SS_TC_INSTALL/bin/tree
make install CC="$SS_CC" LD="$SS_LNK" CFLAGS="$CFLAGS" CPPFLAGS="$CPPFLAGS" LDFLAGS="$LDFLAGS" prefix="$SS_TC_ROOT/$SS_TC_INSTALL" LIBS="$LIBS"
Has a fixed heap buffer of size 64. (malloc(64*sizeof(char))) When input has a larger size, the heap buffer will be over read
NONE
AAAAAAAAAAAAAAAAAAAAAAA
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q input/good-01
STDOUT-REPORT-01 AND STDOUT-CONTENT-LENGTH-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
5 directories, 10 files
SIMILAR
DOES_NOT_RETURN
CONTROLLED_EXIT
Has a fixed heap buffer of size 64. (malloc(64*sizeof(char))) When input has a larger size, the heap buffer will be over read
NONE
Hello World!
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q -L 2 input/good-02
STDOUT-REPORT-02 AND STDOUT-CONTENT-LENGTH-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
5 directories, 4 files
SIMILAR
DOES_NOT_RETURN
CONTROLLED_EXIT
Has a fixed heap buffer of size 64. (malloc(64*sizeof(char))) When input has a larger size, the heap buffer will be over read
NONE
Short is good
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q -J input/good-03
STDOUT-REPORT-03 AND STDOUT-CONTENT-LENGTH-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
{"type":"report","directories":7,"files":367}
SIMILAR
DOES_NOT_RETURN
CONTROLLED_EXIT
Has a fixed heap buffer of size 64. (malloc(64*sizeof(char))) When input has a larger size, the heap buffer will be over read
NONE
AAAAAAAAAAAAAAAAAAAAAAA
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q -P "test*" -F input/good-03
STDOUT-REPORT-04 AND STDOUT-CONTENT-LENGTH-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
7 directories, 62 files
SIMILAR
DOES_NOT_RETURN
CONTROLLED_EXIT
Has a fixed heap buffer of size 64. (malloc(64*sizeof(char))) When input has a larger size, the heap buffer will be over read
NONE
Hello World!
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q -H "" input/good-01
STDOUT-REPORT-05 AND STDOUT-CONTENT-LENGTH-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
5 directories, 10 files
SIMILAR
DOES_NOT_RETURN
CONTROLLED_EXIT
Has a fixed heap buffer of size 64. (malloc(64*sizeof(char))) When input has a larger size, the heap buffer will be over read
READ_APPLICATION_DATA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q -H "" input/good-01
weakness_started_bV80MpejWleTussTJEy0 AND ((NOT PERFORMER AND (output_exceeds_63_bytes_QUukDHG4KD AND output_excess_non_null_RUu4EzESMk) AND NOT timeout_ciZXdEXr23) or (PERFORMER AND NOT ((output_exceeds_63_bytes_QUukDHG4KD AND output_excess_non_null_RUu4EzESMk) OR timeout_ciZXdEXr23)))
(NOT PERFORMER AND (output_exceeds_63_bytes_QUukDHG4KD AND output_excess_non_null_RUu4EzESMk) AND NOT timeout_ciZXdEXr23) or (PERFORMER AND NOT ((output_exceeds_63_bytes_QUukDHG4KD AND output_excess_non_null_RUu4EzESMk) OR timeout_ciZXdEXr23))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
if (( $(wc -c "logfile.txt" | cut -d " " -f 1) > 126 )); then true; else false; fi;
if (( $(head -c -126 "logfile.txt" | tr -d '0\n' | wc -c) > 0 )); then true; else false; fi;
None
stonesoup_trace:weakness_start
Has a fixed heap buffer of size 64. (malloc(64*sizeof(char))) When input has a larger size, the heap buffer will be over read
READ_APPLICATION_DATA
This is probably going to overflow a buffer of some sort. Let's run it anyway and see what happens. I hope that everything turns out ok, because I would love to see what this looks like in all CAPS. Converting ASCII characters to upper case is easy, you can either call a system function, or just add the standard difference between the start of the two character sets. But, I am sure there is a reason that system functions exist for this sort of functionality.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q input/good-01
weakness_started_D3kWCk4iT9SSZvjZzTas AND ((NOT PERFORMER AND (output_exceeds_63_bytes_nOtsrRDKl0 AND output_excess_non_null_bKrJ41D08S) AND NOT timeout_jTB5xsbb8n) or (PERFORMER AND NOT ((output_exceeds_63_bytes_nOtsrRDKl0 AND output_excess_non_null_bKrJ41D08S) OR timeout_jTB5xsbb8n)))
(NOT PERFORMER AND (output_exceeds_63_bytes_nOtsrRDKl0 AND output_excess_non_null_bKrJ41D08S) AND NOT timeout_jTB5xsbb8n) or (PERFORMER AND NOT ((output_exceeds_63_bytes_nOtsrRDKl0 AND output_excess_non_null_bKrJ41D08S) OR timeout_jTB5xsbb8n))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
if (( $(wc -c "logfile.txt" | cut -d " " -f 1) > 126 )); then true; else false; fi;
if (( $(head -c -126 "logfile.txt" | tr -d '0\n' | wc -c) > 0 )); then true; else false; fi;
None
stonesoup_trace:weakness_start