Creating test case using base program. Added a Socket Server to accept communication from untrusted source. Completed injection. UNSPECIFIED UNSPECIFIED $SS_TC_ROOT/$SS_TC_INSTALL/bin/gimp $SS_TC_ROOT/testData/input.jpg env ./configure --prefix="$SS_TC_ROOT/$SS_TC_INSTALL" --disable-alsatest --without-libmng --without-libexif --without-aa --without-librsvg --without-poppler --without-gvfs --without-libjasper --with-lcms --without-alsa --disable-python make V=1 CC="$SS_CC" make install V=1 Open saved jpg file Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT input image opened. DOES_NOT_RETURN CONTROLLED_EXIT color invert an image Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT image colors inverted DOES_NOT_RETURN CONTROLLED_EXIT create a layer, fill with black, use divde layer mode Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Layer created, and layer mode changed. DOES_NOT_RETURN CONTROLLED_EXIT view color histogram of image Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Histogram of image generated. DOES_NOT_RETURN CONTROLLED_EXIT add supernova filter Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 GOOD-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT supernova added DOES_NOT_RETURN CONTROLLED_EXIT make selection with magic wand, paste into new image Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 GOOD-06 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Magic Wand selection pasted into new document. DOES_NOT_RETURN CONTROLLED_EXIT rotate image 180 degrees Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Image rotated 180 degrees. DOES_NOT_RETURN CONTROLLED_EXIT add pagecurl filter Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT pagecurl added DOES_NOT_RETURN CONTROLLED_EXIT use edgefinder filter Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 GOOD-09 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT pagecurl added DOES_NOT_RETURN CONTROLLED_EXIT pixelize image Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT image pixelized. DOES_NOT_RETURN CONTROLLED_EXIT Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. DOS_UNCONTROLLED_EXIT $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 weakness_started_wjIyQ1W8CTXxLwklkdMb AND ((NOT PERFORMER AND (segfault_code_XgAOsBtWNf OR segfault_code_s7pD0faekP OR segfault_code_Ji3Ci5AmR4 OR segfault_code_y9laKrKwi6 OR segfault_code_CWGzs9J6Me OR segfault_msg_uuznulJoMO OR illegal_inst_msg_s3VQH4N1Ya OR segfault_glibc_E70xW9ZLKE) AND NOT timeout_0UzuDAHO5A) or (PERFORMER AND NOT ((segfault_code_XgAOsBtWNf OR segfault_code_s7pD0faekP OR segfault_code_Ji3Ci5AmR4 OR segfault_code_y9laKrKwi6 OR segfault_code_CWGzs9J6Me OR segfault_msg_uuznulJoMO OR illegal_inst_msg_s3VQH4N1Ya OR segfault_glibc_E70xW9ZLKE) OR timeout_0UzuDAHO5A OR controlled_exit_ifnkxxgqoo))) (NOT PERFORMER AND (segfault_code_XgAOsBtWNf OR segfault_code_s7pD0faekP OR segfault_code_Ji3Ci5AmR4 OR segfault_code_y9laKrKwi6 OR segfault_code_CWGzs9J6Me OR segfault_msg_uuznulJoMO OR illegal_inst_msg_s3VQH4N1Ya OR segfault_glibc_E70xW9ZLKE) AND NOT timeout_0UzuDAHO5A) or (PERFORMER AND NOT ((segfault_code_XgAOsBtWNf OR segfault_code_s7pD0faekP OR segfault_code_Ji3Ci5AmR4 OR segfault_code_y9laKrKwi6 OR segfault_code_CWGzs9J6Me OR segfault_msg_uuznulJoMO OR illegal_inst_msg_s3VQH4N1Ya OR segfault_glibc_E70xW9ZLKE) OR timeout_0UzuDAHO5A OR controlled_exit_ifnkxxgqoo)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None glibc detected None stonesoup_trace:weakness_start Malloc a buffer. Copy the input string to the buffer. Search for 'e' in the string. Upon finding 'e', free the buffer, using a pointer that points to that 'e'. If 'e' is the first character in the buffer, everything is OK. However, if e is not the first character in the buffer, this will seg fault. DOS_UNCONTROLLED_EXIT $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 1 weakness_started_vlWvBYgOSUReUoTIcgue AND ((NOT PERFORMER AND (segfault_code_8qL8Yizwdo OR segfault_code_EBwJb1WkTy OR segfault_code_z3Nk7tQI6a OR segfault_code_vXF3GibS8U OR segfault_code_sld4frCdI6 OR segfault_msg_cBipYBocDU OR illegal_inst_msg_IEvPQLPybU OR segfault_glibc_3BoHIOPpAY) AND NOT timeout_M3RDRYF3wG) or (PERFORMER AND NOT ((segfault_code_8qL8Yizwdo OR segfault_code_EBwJb1WkTy OR segfault_code_z3Nk7tQI6a OR segfault_code_vXF3GibS8U OR segfault_code_sld4frCdI6 OR segfault_msg_cBipYBocDU OR illegal_inst_msg_IEvPQLPybU OR segfault_glibc_3BoHIOPpAY) OR timeout_M3RDRYF3wG OR controlled_exit_YuC9ObyvAU))) (NOT PERFORMER AND (segfault_code_8qL8Yizwdo OR segfault_code_EBwJb1WkTy OR segfault_code_z3Nk7tQI6a OR segfault_code_vXF3GibS8U OR segfault_code_sld4frCdI6 OR segfault_msg_cBipYBocDU OR illegal_inst_msg_IEvPQLPybU OR segfault_glibc_3BoHIOPpAY) AND NOT timeout_M3RDRYF3wG) or (PERFORMER AND NOT ((segfault_code_8qL8Yizwdo OR segfault_code_EBwJb1WkTy OR segfault_code_z3Nk7tQI6a OR segfault_code_vXF3GibS8U OR segfault_code_sld4frCdI6 OR segfault_msg_cBipYBocDU OR illegal_inst_msg_IEvPQLPybU OR segfault_glibc_3BoHIOPpAY) OR timeout_M3RDRYF3wG OR controlled_exit_YuC9ObyvAU)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None glibc detected None stonesoup_trace:weakness_start