Creating test case using base program. Added an environment variable read to get a key in order to read in data from shared memory. Completed injection. UNSPECIFIED UNSPECIFIED $SS_TC_ROOT/$SS_TC_INSTALL/bin/gimp $SS_TC_ROOT/testData/input.jpg env ./configure --prefix="$SS_TC_ROOT/$SS_TC_INSTALL" --disable-alsatest --without-libmng --without-libexif --without-aa --without-librsvg --without-poppler --without-gvfs --without-libjasper --with-lcms --without-alsa --disable-python make V=1 CC="$SS_CC" make install V=1 Open saved jpg file Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT input image opened. DOES_NOT_RETURN CONTROLLED_EXIT color invert an image Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT image colors inverted DOES_NOT_RETURN CONTROLLED_EXIT create a layer, fill with black, use divde layer mode Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Layer created, and layer mode changed. DOES_NOT_RETURN CONTROLLED_EXIT view color histogram of image Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Histogram of image generated. DOES_NOT_RETURN CONTROLLED_EXIT add supernova filter Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT supernova added DOES_NOT_RETURN CONTROLLED_EXIT make selection with magic wand, paste into new image Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-06 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Magic Wand selection pasted into new document. DOES_NOT_RETURN CONTROLLED_EXIT rotate image 180 degrees Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Image rotated 180 degrees. DOES_NOT_RETURN CONTROLLED_EXIT add pagecurl filter Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT pagecurl added DOES_NOT_RETURN CONTROLLED_EXIT use edgefinder filter Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-09 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT pagecurl added DOES_NOT_RETURN CONTROLLED_EXIT pixelize image Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT image pixelized. DOES_NOT_RETURN CONTROLLED_EXIT Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. DOS_UNCONTROLLED_EXIT $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 weakness_started_2lRqM8YDbfJsoz5QuSn0 AND ((NOT PERFORMER AND (segfault_code_jeuVD0fWGH OR segfault_code_d7DlSb8qxP OR segfault_code_UHuieKgLRY OR segfault_code_kSxTM6iFvy OR segfault_code_b1GYwd5VUz OR segfault_msg_2UhXZbvjkn OR illegal_inst_msg_7oSLIvNvX3 OR segfault_illegal_inst_w34RlDD8Sp OR segfault_illegal_return_3h1j3WHirc) AND NOT timeout_zyTEZ2LIjj) or (PERFORMER AND NOT ((segfault_code_jeuVD0fWGH OR segfault_code_d7DlSb8qxP OR segfault_code_UHuieKgLRY OR segfault_code_kSxTM6iFvy OR segfault_code_b1GYwd5VUz OR segfault_msg_2UhXZbvjkn OR illegal_inst_msg_7oSLIvNvX3 OR segfault_illegal_inst_w34RlDD8Sp OR segfault_illegal_return_3h1j3WHirc) OR timeout_zyTEZ2LIjj))) (NOT PERFORMER AND (segfault_code_jeuVD0fWGH OR segfault_code_d7DlSb8qxP OR segfault_code_UHuieKgLRY OR segfault_code_kSxTM6iFvy OR segfault_code_b1GYwd5VUz OR segfault_msg_2UhXZbvjkn OR illegal_inst_msg_7oSLIvNvX3 OR segfault_illegal_inst_w34RlDD8Sp OR segfault_illegal_return_3h1j3WHirc) AND NOT timeout_zyTEZ2LIjj) or (PERFORMER AND NOT ((segfault_code_jeuVD0fWGH OR segfault_code_d7DlSb8qxP OR segfault_code_UHuieKgLRY OR segfault_code_kSxTM6iFvy OR segfault_code_b1GYwd5VUz OR segfault_msg_2UhXZbvjkn OR illegal_inst_msg_7oSLIvNvX3 OR segfault_illegal_inst_w34RlDD8Sp OR segfault_illegal_return_3h1j3WHirc) OR timeout_zyTEZ2LIjj)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None Illegal instruction None 132 None stonesoup_trace:weakness_start Create a function pointer on the stack. If the input length is not equal to 10, set the function pointer to a function. Try to use the function pointer. This will seg fault if the input length is exactly 10. DOS_UNCONTROLLED_EXIT $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 weakness_started_mPcDnqo15lQcCFQlPYHr AND ((NOT PERFORMER AND (segfault_code_SAdjdXXTJN OR segfault_code_ap8iWkhsel OR segfault_code_HXhVMwKnfm OR segfault_code_qHe6v4i9UM OR segfault_code_KgIBBlAxeW OR segfault_msg_N1cokV6D17 OR illegal_inst_msg_r6BtAOmqXG OR segfault_illegal_inst_SUVgNkA8hc OR segfault_illegal_return_IEVX3hUS2u) AND NOT timeout_co3sVqWPKh) or (PERFORMER AND NOT ((segfault_code_SAdjdXXTJN OR segfault_code_ap8iWkhsel OR segfault_code_HXhVMwKnfm OR segfault_code_qHe6v4i9UM OR segfault_code_KgIBBlAxeW OR segfault_msg_N1cokV6D17 OR illegal_inst_msg_r6BtAOmqXG OR segfault_illegal_inst_SUVgNkA8hc OR segfault_illegal_return_IEVX3hUS2u) OR timeout_co3sVqWPKh))) (NOT PERFORMER AND (segfault_code_SAdjdXXTJN OR segfault_code_ap8iWkhsel OR segfault_code_HXhVMwKnfm OR segfault_code_qHe6v4i9UM OR segfault_code_KgIBBlAxeW OR segfault_msg_N1cokV6D17 OR illegal_inst_msg_r6BtAOmqXG OR segfault_illegal_inst_SUVgNkA8hc OR segfault_illegal_return_IEVX3hUS2u) AND NOT timeout_co3sVqWPKh) or (PERFORMER AND NOT ((segfault_code_SAdjdXXTJN OR segfault_code_ap8iWkhsel OR segfault_code_HXhVMwKnfm OR segfault_code_qHe6v4i9UM OR segfault_code_KgIBBlAxeW OR segfault_msg_N1cokV6D17 OR illegal_inst_msg_r6BtAOmqXG OR segfault_illegal_inst_SUVgNkA8hc OR segfault_illegal_return_IEVX3hUS2u) OR timeout_co3sVqWPKh)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None Illegal instruction None 132 None stonesoup_trace:weakness_start