Creating test case using base program. Added an environment variable read to the function definition. Completed injection. UNSPECIFIED UNSPECIFIED $SS_TC_ROOT/$SS_TC_INSTALL/bin/gimp $SS_TC_ROOT/testData/input.jpg env ./configure --prefix="$SS_TC_ROOT/$SS_TC_INSTALL" --disable-alsatest --without-libmng --without-libexif --without-aa --without-librsvg --without-poppler --without-gvfs --without-libjasper --with-lcms --without-alsa --disable-python make V=1 CC="$SS_CC" make install V=1 Open saved jpg file Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking NONE AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAAAAAAAAAAAAAAA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT input image opened. DOES_NOT_RETURN CONTROLLED_EXIT color invert an image Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking NONE Hello World! If this statement isn't more than 64 characters, it will go badly $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT image colors inverted DOES_NOT_RETURN CONTROLLED_EXIT create a layer, fill with black, use divde layer mode Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking NONE Short is good for buffer overflows, unless you make a mistake and get it wrong $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Layer created, and layer mode changed. DOES_NOT_RETURN CONTROLLED_EXIT view color histogram of image Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking NONE AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAAAAAAAAAAAAAAA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Histogram of image generated. DOES_NOT_RETURN CONTROLLED_EXIT add supernova filter Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking NONE Hello World! If this statement isn't more than 64 characters, it will go badly $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT supernova added DOES_NOT_RETURN CONTROLLED_EXIT make selection with magic wand, paste into new image Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking NONE Short is good for buffer overflows, unless you make a mistake and get it wrong $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-06 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Magic Wand selection pasted into new document. DOES_NOT_RETURN CONTROLLED_EXIT rotate image 180 degrees Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking NONE AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAAAAAAAAAAAAAAA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Image rotated 180 degrees. DOES_NOT_RETURN CONTROLLED_EXIT add pagecurl filter Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking NONE Hello World! If this statement isn't more than 64 characters, it will go badly $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT pagecurl added DOES_NOT_RETURN CONTROLLED_EXIT use edgefinder filter Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking NONE Short is good for buffer overflows, unless you make a mistake and get it wrong $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-09 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT pagecurl added DOES_NOT_RETURN CONTROLLED_EXIT pixelize image Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking NONE AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAAAAAAAAAAAAAAA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT image pixelized. DOES_NOT_RETURN CONTROLLED_EXIT Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking DOS_UNCONTROLLED_EXIT Short is now bad $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 weakness_started_hOZi5rG2Cp4pok9PlrH4 AND ((NOT PERFORMER AND (segfault_code_M4uwcMQslw OR segfault_code_T1sJXfyp55 OR segfault_code_JNKw9G8yM2 OR segfault_code_OENylny0Aj OR segfault_code_CqCoyExKCF OR segfault_msg_0L454oIAKG OR illegal_inst_msg_yD37SAMiuS) AND NOT timeout_tk77pbFVbX) or (PERFORMER AND NOT ((segfault_code_M4uwcMQslw OR segfault_code_T1sJXfyp55 OR segfault_code_JNKw9G8yM2 OR segfault_code_OENylny0Aj OR segfault_code_CqCoyExKCF OR segfault_msg_0L454oIAKG OR illegal_inst_msg_yD37SAMiuS) OR timeout_tk77pbFVbX))) (NOT PERFORMER AND (segfault_code_M4uwcMQslw OR segfault_code_T1sJXfyp55 OR segfault_code_JNKw9G8yM2 OR segfault_code_OENylny0Aj OR segfault_code_CqCoyExKCF OR segfault_msg_0L454oIAKG OR illegal_inst_msg_yD37SAMiuS) AND NOT timeout_tk77pbFVbX) or (PERFORMER AND NOT ((segfault_code_M4uwcMQslw OR segfault_code_T1sJXfyp55 OR segfault_code_JNKw9G8yM2 OR segfault_code_OENylny0Aj OR segfault_code_CqCoyExKCF OR segfault_msg_0L454oIAKG OR illegal_inst_msg_yD37SAMiuS) OR timeout_tk77pbFVbX)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start Has a buffer declared on the stack. char[64] If input is shorter than 64 it will overflow,due to using improper sizeof and strlen checking DOS_UNCONTROLLED_EXIT AAAAAAAAAAAA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 weakness_started_Kzyl86eGPKGLcNshW25M AND ((NOT PERFORMER AND (segfault_code_XJwBf97Wdu OR segfault_code_coqCBLkFGK OR segfault_code_nZBc2z2pMx OR segfault_code_o4TzFn5Lpz OR segfault_code_0oDSvYQ2eV OR segfault_msg_ryDGnae6ig OR illegal_inst_msg_23tadITpZD) AND NOT timeout_oyqTlTNm99) or (PERFORMER AND NOT ((segfault_code_XJwBf97Wdu OR segfault_code_coqCBLkFGK OR segfault_code_nZBc2z2pMx OR segfault_code_o4TzFn5Lpz OR segfault_code_0oDSvYQ2eV OR segfault_msg_ryDGnae6ig OR illegal_inst_msg_23tadITpZD) OR timeout_oyqTlTNm99))) (NOT PERFORMER AND (segfault_code_XJwBf97Wdu OR segfault_code_coqCBLkFGK OR segfault_code_nZBc2z2pMx OR segfault_code_o4TzFn5Lpz OR segfault_code_0oDSvYQ2eV OR segfault_msg_ryDGnae6ig OR illegal_inst_msg_23tadITpZD) AND NOT timeout_oyqTlTNm99) or (PERFORMER AND NOT ((segfault_code_XJwBf97Wdu OR segfault_code_coqCBLkFGK OR segfault_code_nZBc2z2pMx OR segfault_code_o4TzFn5Lpz OR segfault_code_0oDSvYQ2eV OR segfault_msg_ryDGnae6ig OR illegal_inst_msg_23tadITpZD) OR timeout_oyqTlTNm99)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start