Creating test case using base program.
Added an environment variable read to the function definition.
Completed injection.
UNSPECIFIED
UNSPECIFIED
$SS_TC_ROOT/$SS_TC_INSTALL/bin/tree
make install CC="$SS_CC" LD="$SS_LNK" CFLAGS="$CFLAGS" CPPFLAGS="$CPPFLAGS" LDFLAGS="$LDFLAGS" prefix="$SS_TC_ROOT/$SS_TC_INSTALL" LIBS="$LIBS"
Has a heap buffer of size 64. Reads in an ascii string from an environment variable and copies the final 63 characters into the heap buffer. Then reads the variable back from the heap buffer in reverse order, but incorrectly uses the size of the original string. If the original string is longer than 63characters, this will result in an underread.
NONE
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q input/good-01
STDOUT-REPORT-01 AND STDOUT-CONTENT-LENGTH-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
5 directories, 10 files
SIMILAR
DOES_NOT_RETURN
CONTROLLED_EXIT
Has a heap buffer of size 64. Reads in an ascii string from an environment variable and copies the final 63 characters into the heap buffer. Then reads the variable back from the heap buffer in reverse order, but incorrectly uses the size of the original string. If the original string is longer than 63characters, this will result in an underread.
NONE
This is probably not going to overflow a buffer of some sort.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q -L 2 input/good-02
STDOUT-REPORT-02 AND STDOUT-CONTENT-LENGTH-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
5 directories, 4 files
SIMILAR
DOES_NOT_RETURN
CONTROLLED_EXIT
Has a heap buffer of size 64. Reads in an ascii string from an environment variable and copies the final 63 characters into the heap buffer. Then reads the variable back from the heap buffer in reverse order, but incorrectly uses the size of the original string. If the original string is longer than 63characters, this will result in an underread.
NONE
This statement has less than 64 characters, then nothing bad.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q -J input/good-03
STDOUT-REPORT-03 AND STDOUT-CONTENT-LENGTH-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
{"type":"report","directories":7,"files":367}
SIMILAR
DOES_NOT_RETURN
CONTROLLED_EXIT
Has a heap buffer of size 64. Reads in an ascii string from an environment variable and copies the final 63 characters into the heap buffer. Then reads the variable back from the heap buffer in reverse order, but incorrectly uses the size of the original string. If the original string is longer than 63characters, this will result in an underread.
NONE
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q -P "test*" -F input/good-03
STDOUT-REPORT-04 AND STDOUT-CONTENT-LENGTH-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
7 directories, 62 files
SIMILAR
DOES_NOT_RETURN
CONTROLLED_EXIT
Has a heap buffer of size 64. Reads in an ascii string from an environment variable and copies the final 63 characters into the heap buffer. Then reads the variable back from the heap buffer in reverse order, but incorrectly uses the size of the original string. If the original string is longer than 63characters, this will result in an underread.
NONE
This is probably not going to overflow a buffer of some sort.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q -H "" input/good-01
STDOUT-REPORT-05 AND STDOUT-CONTENT-LENGTH-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
5 directories, 10 files
SIMILAR
DOES_NOT_RETURN
CONTROLLED_EXIT
Has a heap buffer of size 64. Reads in an ascii string from an environment variable and copies the final 63 characters into the heap buffer. Then reads the variable back from the heap buffer in reverse order, but incorrectly uses the size of the original string. If the original string is longer than 63characters, this will result in an underread.
READ_APPLICATION_DATA
DOS_UNCONTROLLED_EXIT
abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q -J input/good-03
weakness_started_Zv7FkWeFpfTmjmh0WuPw AND ((NOT PERFORMER AND (print_buffer_nfJKaPGTJZ OR (segfault_code_3OwM2VrVdr OR segfault_code_gA9QtIm12L OR segfault_code_0fRe0vfgDh OR segfault_code_FTK7CpI5Vm OR segfault_code_R6oXGPW9nS OR segfault_msg_P5mksL94E2 OR illegal_inst_msg_lh4gZ2C9ej)) AND NOT timeout_DMOp1LDflI) or (PERFORMER AND NOT ((print_buffer_nfJKaPGTJZ OR (segfault_code_3OwM2VrVdr OR segfault_code_gA9QtIm12L OR segfault_code_0fRe0vfgDh OR segfault_code_FTK7CpI5Vm OR segfault_code_R6oXGPW9nS OR segfault_msg_P5mksL94E2 OR illegal_inst_msg_lh4gZ2C9ej)) OR timeout_DMOp1LDflI)))
(NOT PERFORMER AND (print_buffer_nfJKaPGTJZ OR (segfault_code_3OwM2VrVdr OR segfault_code_gA9QtIm12L OR segfault_code_0fRe0vfgDh OR segfault_code_FTK7CpI5Vm OR segfault_code_R6oXGPW9nS OR segfault_msg_P5mksL94E2 OR illegal_inst_msg_lh4gZ2C9ej)) AND NOT timeout_DMOp1LDflI) or (PERFORMER AND NOT ((print_buffer_nfJKaPGTJZ OR (segfault_code_3OwM2VrVdr OR segfault_code_gA9QtIm12L OR segfault_code_0fRe0vfgDh OR segfault_code_FTK7CpI5Vm OR segfault_code_R6oXGPW9nS OR segfault_msg_P5mksL94E2 OR illegal_inst_msg_lh4gZ2C9ej)) OR timeout_DMOp1LDflI))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
None
132
None
134
None
135
None
136
None
139
None
Segmentation fault
None
Illegal instruction
logfile.txt
[a-zA-Z0-9]{65,}
None
stonesoup_trace:weakness_start
Has a heap buffer of size 64. Reads in an ascii string from an environment variable and copies the final 63 characters into the heap buffer. Then reads the variable back from the heap buffer in reverse order, but incorrectly uses the size of the original string. If the original string is longer than 63characters, this will result in an underread.
READ_APPLICATION_DATA
DOS_UNCONTROLLED_EXIT
The quick brown fox jumps over the lazy dog. Why? I don't know, because he was in a rush and trying to get somewhere.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
--charset ASCII --sort=name -n -q -P "test*" -F input/good-03
weakness_started_fYtTknFPIMExHCY6g4se AND ((NOT PERFORMER AND (print_buffer_zig6gorman OR (segfault_code_B7Tn7siCx5 OR segfault_code_FhPYee2iTw OR segfault_code_0inDccnvuX OR segfault_code_WN7HUe8F4T OR segfault_code_JJYJRRLy4o OR segfault_msg_RzlltkFrNo OR illegal_inst_msg_I1N5XRdtGt)) AND NOT timeout_9dEIFEPOg9) or (PERFORMER AND NOT ((print_buffer_zig6gorman OR (segfault_code_B7Tn7siCx5 OR segfault_code_FhPYee2iTw OR segfault_code_0inDccnvuX OR segfault_code_WN7HUe8F4T OR segfault_code_JJYJRRLy4o OR segfault_msg_RzlltkFrNo OR illegal_inst_msg_I1N5XRdtGt)) OR timeout_9dEIFEPOg9)))
(NOT PERFORMER AND (print_buffer_zig6gorman OR (segfault_code_B7Tn7siCx5 OR segfault_code_FhPYee2iTw OR segfault_code_0inDccnvuX OR segfault_code_WN7HUe8F4T OR segfault_code_JJYJRRLy4o OR segfault_msg_RzlltkFrNo OR illegal_inst_msg_I1N5XRdtGt)) AND NOT timeout_9dEIFEPOg9) or (PERFORMER AND NOT ((print_buffer_zig6gorman OR (segfault_code_B7Tn7siCx5 OR segfault_code_FhPYee2iTw OR segfault_code_0inDccnvuX OR segfault_code_WN7HUe8F4T OR segfault_code_JJYJRRLy4o OR segfault_msg_RzlltkFrNo OR illegal_inst_msg_I1N5XRdtGt)) OR timeout_9dEIFEPOg9))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
None
132
None
134
None
135
None
136
None
139
None
Segmentation fault
None
Illegal instruction
logfile.txt
[a-zA-Z0-9]{65,}
None
stonesoup_trace:weakness_start