Creating test case using base program.
Added an environment variable read to the function definition.
Completed injection.
UNSPECIFIED
UNSPECIFIED
$SS_TC_ROOT/$SS_TC_INSTALL/bin/gimp $SS_TC_ROOT/testData/input.jpg
env
./configure --prefix="$SS_TC_ROOT/$SS_TC_INSTALL" --disable-alsatest --without-libmng --without-libexif --without-aa --without-librsvg --without-poppler --without-gvfs --without-libjasper --with-lcms --without-alsa --disable-python
make V=1 CC="$SS_CC"
make install V=1
Open saved jpg file
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
NONE
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
input image opened.
DOES_NOT_RETURN
CONTROLLED_EXIT
color invert an image
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
NONE
This is probably not going to overflow a buffer of some sort. Let's run it anyway and see what happens.
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
image colors inverted
DOES_NOT_RETURN
CONTROLLED_EXIT
create a layer, fill with black, use divde layer mode
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
NONE
As long as this statement has more than 128 characters, then nothing bad should happen
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
Layer created, and layer mode changed.
DOES_NOT_RETURN
CONTROLLED_EXIT
view color histogram of image
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
NONE
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
Histogram of image generated.
DOES_NOT_RETURN
CONTROLLED_EXIT
add supernova filter
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
NONE
This is probably not going to overflow a buffer of some sort. Let's run it anyway and see what happens.
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
supernova added
DOES_NOT_RETURN
CONTROLLED_EXIT
make selection with magic wand, paste into new image
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
NONE
As long as this statement has more than 128 characters, then nothing bad should happen
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-06 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
Magic Wand selection pasted into new document.
DOES_NOT_RETURN
CONTROLLED_EXIT
rotate image 180 degrees
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
NONE
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
Image rotated 180 degrees.
DOES_NOT_RETURN
CONTROLLED_EXIT
add pagecurl filter
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
NONE
This is probably not going to overflow a buffer of some sort. Let's run it anyway and see what happens.
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
pagecurl added
DOES_NOT_RETURN
CONTROLLED_EXIT
use edgefinder filter
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
NONE
As long as this statement has more than 128 characters, then nothing bad should happen
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-09 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
pagecurl added
DOES_NOT_RETURN
CONTROLLED_EXIT
pixelize image
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
NONE
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
image pixelized.
DOES_NOT_RETURN
CONTROLLED_EXIT
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
READ_APPLICATION_DATA
QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUGugIE=
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
weakness_started_kaFJcFOJvFOQwYwo3GGV AND ((NOT PERFORMER AND (output_excess_non_null_5yuR6Obzl3) AND NOT timeout_f8McUkHfsX) or (PERFORMER AND NOT ((output_excess_non_null_5yuR6Obzl3) OR timeout_f8McUkHfsX)))
(NOT PERFORMER AND (output_excess_non_null_5yuR6Obzl3) AND NOT timeout_f8McUkHfsX) or (PERFORMER AND NOT ((output_excess_non_null_5yuR6Obzl3) OR timeout_f8McUkHfsX))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
if (( $(/bin/grep -P "value [\x80-\xFF] appears: 5555 times" "logfile.txt" | wc -l) > 0)); then true; else false; fi;
None
stonesoup_trace:weakness_start
Has a stack buffer of size 128 within a struct. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read
READ_APPLICATION_DATA
SGVsbKUgV6lybGSI
AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
weakness_started_7QPxTFejaawyUYufFLKq AND ((NOT PERFORMER AND (output_excess_non_null_JTF8wHmtu4) AND NOT timeout_1kBFm6nFNZ) or (PERFORMER AND NOT ((output_excess_non_null_JTF8wHmtu4) OR timeout_1kBFm6nFNZ)))
(NOT PERFORMER AND (output_excess_non_null_JTF8wHmtu4) AND NOT timeout_1kBFm6nFNZ) or (PERFORMER AND NOT ((output_excess_non_null_JTF8wHmtu4) OR timeout_1kBFm6nFNZ))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
if (( $(/bin/grep -P "value [\x80-\xFF] appears: 5555 times" "logfile.txt" | wc -l) > 0)); then true; else false; fi;
None
stonesoup_trace:weakness_start