Creating test case using base program. Added an environment variable read to the function definition. Completed injection. UNSPECIFIED UNSPECIFIED $SS_TC_ROOT/$SS_TC_INSTALL/bin/openssl CFLAG="-O $CFLAGS" EX_LIBS="$LDFLAGS $LIBS" ./config --prefix="$SS_TC_ROOT/$SS_TC_INSTALL" shared make CC="$SS_CC" CCLD="$SS_LNK" EX_LIBS="$LDFLAGS $LIBS" make install_sw CC="$SS_CC" CCLD="$SS_LNK" EX_LIBS="$LDFLAGS $SS_LDFLAGS $LIBS" Generate an RSA private key read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE /opt/stonesoup/workspace/testData/good01.txt This file is not empty. $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 genpkey -out $SS_TC_ROOT/testOutput/good-01/key.pem -algorithm RSA GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT ../testOutput/good-01/key.pem -----END PRIVATE KEY----- DOES_NOT_RETURN CONTROLLED_EXIT Create a password hash using crypt, and salt of "xx" read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE /opt/stonesoup/workspace/testData/good02.txt abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuv $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 passwd -crypt -salt xx password GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT xxj31ZMTZzkVA DOES_NOT_RETURN CONTROLLED_EXIT Encrypt a file with DES3 using salt and key of "stonesoup" read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE /opt/stonesoup/workspace/testData/badfilename.txt $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 des3 -salt -in good-03/file.txt -out $SS_TC_ROOT/testOutput/good-03/file.des3 -k "stonesoup" GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT ../testOutput/good-03/file.des3 Salted__ DOES_NOT_RETURN CONTROLLED_EXIT parse ASN1 structure read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE /opt/stonesoup/workspace/testData/good01.txt This file is not empty. $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 asn1parse -genstr 'UTF8:Hello World' GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT 0:d=0 hl=2 l= 11 prim: UTF8STRING :Hello World DOES_NOT_RETURN CONTROLLED_EXIT create Netscape certficiate from PEM read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE /opt/stonesoup/workspace/testData/good02.txt abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuv $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 nseq -in good-05/cert.pem -toseq -out $SS_TC_ROOT/testOutput/good-05/nseq.pem GOOD-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT ../testOutput/good-05/nseq.pem -----END CERTIFICATE----- DOES_NOT_RETURN CONTROLLED_EXIT generate MIME content from text file, encrypting with x509 cert read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE /opt/stonesoup/workspace/testData/badfilename.txt $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 smime -in good-06/secretemail.txt -encrypt good-06/x509.pem GOOD-06 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-06/output.txt DOES_NOT_RETURN CONTROLLED_EXIT check primality of number read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE /opt/stonesoup/workspace/testData/good01.txt This file is not empty. $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 prime 15648972863 GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT 3A4C0603F is prime DOES_NOT_RETURN CONTROLLED_EXIT encrypt textfile with AES 256 and salt, base64 encoded result read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE /opt/stonesoup/workspace/testData/good02.txt abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuv $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 enc -in good-08/secret.txt -aes256 -k password -S abacabb -base64 GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT U2FsdGVkX1+rrKuwAAAAACgoU5YHltmsjJifyZi0xJA= DOES_NOT_RETURN CONTROLLED_EXIT SHA1 with hmac of text file read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE /opt/stonesoup/workspace/testData/badfilename.txt $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 dgst -sha1 -c -hmac "secret-key" good-09/message.txt GOOD-09 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT HMAC-SHA1(good-09/message.txt)= 3a:da:b3:ba:5a:59:a9:56:8d:76:3a:d4:20:f6:13:cd:aa:49:41:a6 DOES_NOT_RETURN CONTROLLED_EXIT Generate SSL certificate and private key read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE /opt/stonesoup/workspace/testData/good01.txt This file is not empty. $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout good-10/server.key -out good-10/server.crt -subj "/C=SP/ST=The Moon/L=TheDarkSide/O=KSP/OU=Moon Department/CN=ksp.moon" GOOD-10-1 AND GOOD-10-2 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT ../testData/good-10/server.crt -----END CERTIFICATE----- ../testData/good-10/server.key -----END PRIVATE KEY----- DOES_NOT_RETURN CONTROLLED_EXIT read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes DOS_UNCONTROLLED_EXIT /opt/stonesoup/workspace/testData/bad01.txt aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 asn1parse -genstr 'UTF8:Hello World' weakness_started_5GVDfYbZch8PmfCZF9lh AND ((NOT PERFORMER AND (segfault_code_LK9XXaADFA OR segfault_code_AdlsTfboVZ OR segfault_code_bmvkQIBHSZ OR segfault_code_6adMBk22OJ OR segfault_code_l1EKEL3e4g OR segfault_msg_9sAe2tuwPI OR illegal_inst_msg_53eQbEcS4G) AND NOT timeout_QD4YtucYFW) or (PERFORMER AND NOT ((segfault_code_LK9XXaADFA OR segfault_code_AdlsTfboVZ OR segfault_code_bmvkQIBHSZ OR segfault_code_6adMBk22OJ OR segfault_code_l1EKEL3e4g OR segfault_msg_9sAe2tuwPI OR illegal_inst_msg_53eQbEcS4G) OR timeout_QD4YtucYFW))) (NOT PERFORMER AND (segfault_code_LK9XXaADFA OR segfault_code_AdlsTfboVZ OR segfault_code_bmvkQIBHSZ OR segfault_code_6adMBk22OJ OR segfault_code_l1EKEL3e4g OR segfault_msg_9sAe2tuwPI OR illegal_inst_msg_53eQbEcS4G) AND NOT timeout_QD4YtucYFW) or (PERFORMER AND NOT ((segfault_code_LK9XXaADFA OR segfault_code_AdlsTfboVZ OR segfault_code_bmvkQIBHSZ OR segfault_code_6adMBk22OJ OR segfault_code_l1EKEL3e4g OR segfault_msg_9sAe2tuwPI OR illegal_inst_msg_53eQbEcS4G) OR timeout_QD4YtucYFW)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes DOS_UNCONTROLLED_EXIT /opt/stonesoup/workspace/testData/bad02.txt abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwx $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 nseq -in good-05/cert.pem -toseq -out $SS_TC_ROOT/testOutput/good-05/nseq.pem weakness_started_mcfJ82MAmsQFXzeFAZfb AND ((NOT PERFORMER AND (segfault_code_finuzSVcVo OR segfault_code_v3F4nkSXWj OR segfault_code_ivjTK1kK0R OR segfault_code_RUWfZ8lRcW OR segfault_code_FFOYWHZ90f OR segfault_msg_Wi2TMzoxod OR illegal_inst_msg_xrpQ5WAdvX) AND NOT timeout_IjFlyNWbm6) or (PERFORMER AND NOT ((segfault_code_finuzSVcVo OR segfault_code_v3F4nkSXWj OR segfault_code_ivjTK1kK0R OR segfault_code_RUWfZ8lRcW OR segfault_code_FFOYWHZ90f OR segfault_msg_Wi2TMzoxod OR illegal_inst_msg_xrpQ5WAdvX) OR timeout_IjFlyNWbm6))) (NOT PERFORMER AND (segfault_code_finuzSVcVo OR segfault_code_v3F4nkSXWj OR segfault_code_ivjTK1kK0R OR segfault_code_RUWfZ8lRcW OR segfault_code_FFOYWHZ90f OR segfault_msg_Wi2TMzoxod OR illegal_inst_msg_xrpQ5WAdvX) AND NOT timeout_IjFlyNWbm6) or (PERFORMER AND NOT ((segfault_code_finuzSVcVo OR segfault_code_v3F4nkSXWj OR segfault_code_ivjTK1kK0R OR segfault_code_RUWfZ8lRcW OR segfault_code_FFOYWHZ90f OR segfault_msg_Wi2TMzoxod OR illegal_inst_msg_xrpQ5WAdvX) OR timeout_IjFlyNWbm6)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start