Creating test case using base program. Added an environment variable read to get a filename to read in the file contents using an fread operation within the function Completed injection. UNSPECIFIED UNSPECIFIED $SS_TC_ROOT/$SS_TC_INSTALL/bin/tree make install CC="$SS_CC" LD="$SS_LNK" CFLAGS="$CFLAGS" CPPFLAGS="$CPPFLAGS" LDFLAGS="$LDFLAGS" prefix="$SS_TC_ROOT/$SS_TC_INSTALL" LIBS="$LIBS" Has a buffer declared on the heap in a struct. malloc(20*sizeOf(char)) If input is resolved to more than 20 chars it will overflow NONE /opt/stonesoup/workspace/testData/dermutation_preinsured/chi_auctions.txt /etc/passwd $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 --charset ASCII --sort=name -n -q input/good-01 STDOUT-REPORT-01 AND STDOUT-CONTENT-LENGTH-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT 5 directories, 10 files SIMILAR DOES_NOT_RETURN CONTROLLED_EXIT Has a buffer declared on the heap in a struct. malloc(20*sizeOf(char)) If input is resolved to more than 20 chars it will overflow NONE /opt/stonesoup/workspace/testData/dermutation_preinsured/chi_auctions.txt /etc/ssh/ssh_config $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 --charset ASCII --sort=name -n -q -L 2 input/good-02 STDOUT-REPORT-02 AND STDOUT-CONTENT-LENGTH-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT 5 directories, 4 files SIMILAR DOES_NOT_RETURN CONTROLLED_EXIT Has a buffer declared on the heap in a struct. malloc(20*sizeOf(char)) If input is resolved to more than 20 chars it will overflow NONE /opt/stonesoup/workspace/testData/dermutation_preinsured/chi_auctions.txt /usr/bin/gcc $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 --charset ASCII --sort=name -n -q -J input/good-03 STDOUT-REPORT-03 AND STDOUT-CONTENT-LENGTH-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT {"type":"report","directories":7,"files":367} SIMILAR DOES_NOT_RETURN CONTROLLED_EXIT Has a buffer declared on the heap in a struct. malloc(20*sizeOf(char)) If input is resolved to more than 20 chars it will overflow NONE /opt/stonesoup/workspace/testData/dermutation_preinsured/chi_auctions.txt /etc/passwd $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 --charset ASCII --sort=name -n -q -P "test*" -F input/good-03 STDOUT-REPORT-04 AND STDOUT-CONTENT-LENGTH-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT 7 directories, 62 files SIMILAR DOES_NOT_RETURN CONTROLLED_EXIT Has a buffer declared on the heap in a struct. malloc(20*sizeOf(char)) If input is resolved to more than 20 chars it will overflow NONE /opt/stonesoup/workspace/testData/dermutation_preinsured/chi_auctions.txt /etc/ssh/ssh_config $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 --charset ASCII --sort=name -n -q -H "" input/good-01 STDOUT-REPORT-05 AND STDOUT-CONTENT-LENGTH-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT 5 directories, 10 files SIMILAR DOES_NOT_RETURN CONTROLLED_EXIT Has a buffer declared on the heap in a struct. malloc(20*sizeOf(char)) If input is resolved to more than 20 chars it will overflow DOS_UNCONTROLLED_EXIT /opt/stonesoup/workspace/testData/dermutation_preinsured/chi_auctions.txt ../testData $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 --charset ASCII --sort=name -n -q -P "test*" -F input/good-03 weakness_started_oZvZ5pFjO5lgOIIKUWTE AND ((NOT PERFORMER AND (segfault_code_d3eVZi5kMP OR segfault_code_fUziTz7bDH OR segfault_code_j88KDdFi3I OR segfault_code_mHtNRNicQt OR segfault_code_WBfKanx6Px OR segfault_msg_7C2GvNhwGZ OR illegal_inst_msg_pJps9ZjwTn) AND NOT timeout_4QnYTLJ9j7) or (PERFORMER AND NOT ((segfault_code_d3eVZi5kMP OR segfault_code_fUziTz7bDH OR segfault_code_j88KDdFi3I OR segfault_code_mHtNRNicQt OR segfault_code_WBfKanx6Px OR segfault_msg_7C2GvNhwGZ OR illegal_inst_msg_pJps9ZjwTn) OR timeout_4QnYTLJ9j7))) (NOT PERFORMER AND (segfault_code_d3eVZi5kMP OR segfault_code_fUziTz7bDH OR segfault_code_j88KDdFi3I OR segfault_code_mHtNRNicQt OR segfault_code_WBfKanx6Px OR segfault_msg_7C2GvNhwGZ OR illegal_inst_msg_pJps9ZjwTn) AND NOT timeout_4QnYTLJ9j7) or (PERFORMER AND NOT ((segfault_code_d3eVZi5kMP OR segfault_code_fUziTz7bDH OR segfault_code_j88KDdFi3I OR segfault_code_mHtNRNicQt OR segfault_code_WBfKanx6Px OR segfault_msg_7C2GvNhwGZ OR illegal_inst_msg_pJps9ZjwTn) OR timeout_4QnYTLJ9j7)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start Has a buffer declared on the heap in a struct. malloc(20*sizeOf(char)) If input is resolved to more than 20 chars it will overflow DOS_UNCONTROLLED_EXIT /opt/stonesoup/workspace/testData/dermutation_preinsured/chi_auctions.txt ../testOutput $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 --charset ASCII --sort=name -n -q -J input/good-03 weakness_started_TXMiifs2zs1qKgCBfu9n AND ((NOT PERFORMER AND (segfault_code_66xKfIGth5 OR segfault_code_HRPgf7arbO OR segfault_code_B2p8gMN3J2 OR segfault_code_VEXk4Ll9md OR segfault_code_Z1oow3AwSs OR segfault_msg_6IYJ3vBRGC OR illegal_inst_msg_EICakZxNFj) AND NOT timeout_6POSMG8QYn) or (PERFORMER AND NOT ((segfault_code_66xKfIGth5 OR segfault_code_HRPgf7arbO OR segfault_code_B2p8gMN3J2 OR segfault_code_VEXk4Ll9md OR segfault_code_Z1oow3AwSs OR segfault_msg_6IYJ3vBRGC OR illegal_inst_msg_EICakZxNFj) OR timeout_6POSMG8QYn))) (NOT PERFORMER AND (segfault_code_66xKfIGth5 OR segfault_code_HRPgf7arbO OR segfault_code_B2p8gMN3J2 OR segfault_code_VEXk4Ll9md OR segfault_code_Z1oow3AwSs OR segfault_msg_6IYJ3vBRGC OR illegal_inst_msg_EICakZxNFj) AND NOT timeout_6POSMG8QYn) or (PERFORMER AND NOT ((segfault_code_66xKfIGth5 OR segfault_code_HRPgf7arbO OR segfault_code_B2p8gMN3J2 OR segfault_code_VEXk4Ll9md OR segfault_code_Z1oow3AwSs OR segfault_msg_6IYJ3vBRGC OR illegal_inst_msg_EICakZxNFj) OR timeout_6POSMG8QYn)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start