Creating test case using base program. Added an environment variable read to get a filename to read in the file contents using an fread operation within the function Completed injection. UNSPECIFIED UNSPECIFIED $SS_TC_ROOT/$SS_TC_INSTALL/bin/wireshark $SS_TC_ROOT/testData/input.pcap ./configure --prefix="$SS_TC_ROOT/$SS_TC_INSTALL" --enable-wireshark --with-gtk3=yes --without-lua --without-qt --with-gcrypt --with-gnutls --with-libsmi --with-pcap --with-zlib --without-portaudio --without-libcap --without-krb5 --with-cres --with-adns --with-geoip make V=1 CC="$SS_CC" make install V=1 Open saved .pcap file Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read NONE /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-01/output.txt DOES_NOT_RETURN CONTROLLED_EXIT export first 50 packets from saved pcap, run md5sum on newly created pcap Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read NONE /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt This is probably not going to overflow a buffer of some sort. Let's run it anyway and see what happens. AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-02/output.txt DOES_NOT_RETURN CONTROLLED_EXIT jump to packet 10 Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read NONE /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt As long as this statement has more than 64 characters, then nothing bad should happen AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-03/output.txt DOES_NOT_RETURN CONTROLLED_EXIT open statistical summary Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read NONE /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-04/output.txt DOES_NOT_RETURN CONTROLLED_EXIT open protocol hierarchy Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read NONE /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt This is probably not going to overflow a buffer of some sort. Let's run it anyway and see what happens. AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-05/output.txt DOES_NOT_RETURN CONTROLLED_EXIT follow a tcp stream Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read NONE /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt As long as this statement has more than 64 characters, then nothing bad should happen AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-06 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-06/output.txt DOES_NOT_RETURN CONTROLLED_EXIT run a display filter for http Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read NONE /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-07/output.txt DOES_NOT_RETURN CONTROLLED_EXIT export a .png from captured http traffic, run an md5, compare with known good Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read NONE /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt This is probably not going to overflow a buffer of some sort. Let's run it anyway and see what happens. AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-08/output.txt DOES_NOT_RETURN CONTROLLED_EXIT search for a string Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read NONE /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt As long as this statement has more than 64 characters, then nothing bad should happen AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-09 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-09/output.txt DOES_NOT_RETURN CONTROLLED_EXIT open io graph Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read NONE /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-10/output.txt DOES_NOT_RETURN CONTROLLED_EXIT Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read READ_APPLICATION_DATA /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUGugIE= AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 weakness_started_5c2AlvFQHQ4H8TXwbTN9 AND ((NOT PERFORMER AND (output_excess_non_null_brX8nzMfcW) AND NOT timeout_G0pkWqWIyw) or (PERFORMER AND NOT ((output_excess_non_null_brX8nzMfcW) OR timeout_G0pkWqWIyw))) (NOT PERFORMER AND (output_excess_non_null_brX8nzMfcW) AND NOT timeout_G0pkWqWIyw) or (PERFORMER AND NOT ((output_excess_non_null_brX8nzMfcW) OR timeout_G0pkWqWIyw)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION if (( $(/bin/grep -P "value [\x80-\xFF] appears: 5555 times" "logfile.txt" | wc -l) > 0)); then true; else false; fi; None stonesoup_trace:weakness_start Has a stack buffer of size 128. reads in an ascii string from an environmentvariable and increments the corresponding values in the stack buffer. Then reads in an input and prints out the count of the characters from the stack buff of those in the input. If input contains extended ascii characters, they will be wrapped around to negative values and the buffer will be under read READ_APPLICATION_DATA /opt/stonesoup/workspace/testData/unlosable_pentastomida/proembryonic_nehru.txt SGVsbKUgV6lybGSI AAAABVVCUYEOAISDHGUEHGU:WOJOQIUFGUYGBJdjsafihuegakdlfm9238946665232kmemiucyds78fy2 $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 weakness_started_TgcuDvXhifdi1IgcIcHo AND ((NOT PERFORMER AND (output_excess_non_null_yNHm8OrEtP) AND NOT timeout_kR4PeuOsn1) or (PERFORMER AND NOT ((output_excess_non_null_yNHm8OrEtP) OR timeout_kR4PeuOsn1))) (NOT PERFORMER AND (output_excess_non_null_yNHm8OrEtP) AND NOT timeout_kR4PeuOsn1) or (PERFORMER AND NOT ((output_excess_non_null_yNHm8OrEtP) OR timeout_kR4PeuOsn1)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION if (( $(/bin/grep -P "value [\x80-\xFF] appears: 5555 times" "logfile.txt" | wc -l) > 0)); then true; else false; fi; None stonesoup_trace:weakness_start