Creating test case using base program. Added an environment variable read to get a filename to read in the file contents using an fread operation within the function Completed injection. UNSPECIFIED UNSPECIFIED $SS_TC_ROOT/$SS_TC_INSTALL/bin/ffmpeg env ./configure --prefix="$SS_TC_ROOT/$SS_TC_INSTALL" --enable-pic --disable-static --enable-shared --disable-yasm --disable-doc --enable-pthreads --disable-w32threads --disable-os2threads --enable-zlib --enable-openssl --disable-asm --extra-cflags="$SS_CFLAGS" --extra-ldflags="$SS_LDFLAGS" --extra-libs="$SS_LIBS" mv config.mak config.mak.bak awk -v compiler="$SS_CC" '/CC=gcc/{gsub(/gcc/, compiler)};{print}' config.mak.bak > config.mak && true make V=1 make install V=1 remove the audio from a video Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking NONE /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAAAAAAAAAAAAAAA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -an -i grsm_0001-shorter.mov good-01/grsm_0001_no_audio.mov (GOOD-01-CENTOS OR GOOD-01-UBUNTU OR GOOD-01-DEBIAN) AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-01/grsm_0001_no_audio.mov good-01/grsm_0001_no_audio-centos.mov good-01/grsm_0001_no_audio.mov good-01/grsm_0001_no_audio-ubuntu.mov good-01/grsm_0001_no_audio.mov good-01/grsm_0001_no_audio-debian.mov DOES_NOT_RETURN CONTROLLED_EXIT change the frame rate and aspect ration of a video Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking NONE /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt Hello World! If this statement isn't more than 64 characters, it will go badly $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -r 20 -aspect 16:9 -i elis_m0001-shorter.mov good-02/elis_m0001_rate_aspect.mov (GOOD-02-CENTOS OR GOOD-02-UBUNTU OR GOOD-02-DEBIAN) AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-02/elis_m0001_rate_aspect.mov good-02/elis_m0001_rate_aspect-centos.mov good-02/elis_m0001_rate_aspect.mov good-02/elis_m0001_rate_aspect-ubuntu.mov good-02/elis_m0001_rate_aspect.mov good-02/elis_m0001_rate_aspect-debian.mov DOES_NOT_RETURN CONTROLLED_EXIT remove the audio and change the video format from .mov to .mp4 using the mpeg4 codec Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking NONE /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt Short is good for buffer overflows, unless you make a mistake and get it wrong $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -an -i bost_people_0001-shorter.mov -vcodec mpeg4 -strict -2 good-03/bost_people_0001.mp4 (GOOD-03-CENTOS OR GOOD-03-UBUNTU OR GOOD-03-DEBIAN) AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-03/bost_people_0001.mp4 good-03/bost_people_0001-centos.mp4 good-03/bost_people_0001.mp4 good-03/bost_people_0001-ubuntu.mp4 good-03/bost_people_0001.mp4 good-03/bost_people_0001-debian.mp4 DOES_NOT_RETURN CONTROLLED_EXIT copy the audio file and convert the number of audio channels to 2. Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking NONE /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAAAAAAAAAAAAAAA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -i ApacheTomcat-SomewhereInMyMind.mp3 -acodec copy -ac 2 good-04/ApacheTomcat_dualchannelaudio.mp3 GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-04/ApacheTomcat_dualchannelaudio.mp3 good-04/ApacheTomcat_dualchannelaudio.mp3 DOES_NOT_RETURN CONTROLLED_EXIT remove original audio from a file and combine the audio from another file to create a new video and audio file Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking NONE /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt Hello World! If this statement isn't more than 64 characters, it will go badly $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -an -i grsm_0001-shorter.mov -i ApacheTomcat-SomewhereInMyMind.mp3 -acodec copy good-05/combined.mov (GOOD-05-CENTOS OR GOOD-05-UBUNTU OR GOOD-05-DEBIAN) AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-05/combined.mov good-05/combined-centos.mov good-05/combined.mov good-05/combined-ubuntu.mov good-05/combined.mov good-05/combined-debian.mov DOES_NOT_RETURN CONTROLLED_EXIT Convert the size of a video to vga (640x480) Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking NONE /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt Short is good for buffer overflows, unless you make a mistake and get it wrong $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -i good-06/combined.mov -strict -2 -s vga good-06/combined_vga_sized.mov (GOOD-06-CENTOS OR GOOD-06-UBUNTU OR GOOD-06-DEBIAN) AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-06/combined_vga_sized.mov good-06/combined_vga_sized-centos.mov good-06/combined_vga_sized.mov good-06/combined_vga_sized-ubuntu.mov good-06/combined_vga_sized.mov good-06/combined_vga_sized-debian.mov DOES_NOT_RETURN CONTROLLED_EXIT Covert a .wav file to .mp2 at 22050Hz Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking NONE /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAAAAAAAAAAAAAAA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -i good-07/Bow_To_My_firewall.wav -ar 22050 good-07/Bow_To_My_firewall.mp2 GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-07/Bow_To_My_firewall.mp2 good-07/Bow_To_My_firewall.mp2 DOES_NOT_RETURN CONTROLLED_EXIT Change the bitrate and do it in two passes Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking NONE /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt Hello World! If this statement isn't more than 64 characters, it will go badly $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -b 300 -pass 2 -i grsm_0001-shorter.mov good-08/grsm_0001_bitrate.mov (GOOD-08-CENTOS OR GOOD-08-UBUNTU OR GOOD-08-DEBIAN) AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-08/grsm_0001_bitrate.mov good-08/grsm_0001_bitrate-centos.mov good-08/grsm_0001_bitrate.mov good-08/grsm_0001_bitrate-ubuntu.mov good-08/grsm_0001_bitrate.mov good-08/grsm_0001_bitrate-debian.mov DOES_NOT_RETURN CONTROLLED_EXIT Convert images into a video Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking NONE /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt Short is good for buffer overflows, unless you make a mistake and get it wrong $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -f image2 -i good-09/%03d.jpg -r 12 -s vga good-09/images.avi (GOOD-09-CENTOS OR GOOD-09-UBUNTU OR GOOD-09-DEBIAN) AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-09/images.avi good-09/images-centos.avi good-09/images.avi good-09/images-ubuntu.avi good-09/images.avi good-09/images-debian.avi DOES_NOT_RETURN CONTROLLED_EXIT Extract every fifth frame and convert it to an image Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking NONE /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaAAAAAAAAAAAAAAAA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -i elis_m0001-shorter.mov -r 5 -s vga good-10/elise-%04d.jpg ((GOOD-10-1-CENTOS AND GOOD-10-2-CENTOS) OR (GOOD-10-1-UBUNTU AND GOOD-10-2-UBUNTU) OR (GOOD-10-1-DEBIAN AND GOOD-10-2-DEBIAN)) AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-10/elise-0001.jpg good-10/elise-0001-centos.jpg good-10/elise-0028.jpg good-10/elise-0028-centos.jpg good-10/elise-0001.jpg good-10/elise-0001-ubuntu.jpg good-10/elise-0028.jpg good-10/elise-0028-ubuntu.jpg good-10/elise-0001.jpg good-10/elise-0001-debian.jpg good-10/elise-0028.jpg good-10/elise-0028-debian.jpg DOES_NOT_RETURN CONTROLLED_EXIT Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking DOS_UNCONTROLLED_EXIT /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt AAAAAAAAAAAAAAA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -b 300 -pass 2 -i grsm_0001-shorter.mov good-08/grsm_0001_bitrate.mov weakness_started_oQr4SSPa7DYMu7sBq3Lt AND ((NOT PERFORMER AND (segfault_code_wmT0iMtiY8 OR segfault_code_njaWKZLv5V OR segfault_code_szgh8t4ncY OR segfault_code_Og4M1I8EBQ OR segfault_code_vf2aWj14TI OR segfault_msg_JWsgUBifsJ OR illegal_inst_msg_i1U8kDSHIf) AND NOT timeout_AJkM9npHoG) or (PERFORMER AND NOT ((segfault_code_wmT0iMtiY8 OR segfault_code_njaWKZLv5V OR segfault_code_szgh8t4ncY OR segfault_code_Og4M1I8EBQ OR segfault_code_vf2aWj14TI OR segfault_msg_JWsgUBifsJ OR illegal_inst_msg_i1U8kDSHIf) OR timeout_AJkM9npHoG))) (NOT PERFORMER AND (segfault_code_wmT0iMtiY8 OR segfault_code_njaWKZLv5V OR segfault_code_szgh8t4ncY OR segfault_code_Og4M1I8EBQ OR segfault_code_vf2aWj14TI OR segfault_msg_JWsgUBifsJ OR illegal_inst_msg_i1U8kDSHIf) AND NOT timeout_AJkM9npHoG) or (PERFORMER AND NOT ((segfault_code_wmT0iMtiY8 OR segfault_code_njaWKZLv5V OR segfault_code_szgh8t4ncY OR segfault_code_Og4M1I8EBQ OR segfault_code_vf2aWj14TI OR segfault_msg_JWsgUBifsJ OR illegal_inst_msg_i1U8kDSHIf) OR timeout_AJkM9npHoG)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start Has a buffer declared on the heap. malloc(64*sizeOf(char)) If input is shorter than 64 it will overflowdue to using improper sizeof and strlen checking DOS_UNCONTROLLED_EXIT /opt/stonesoup/workspace/testData/thiocyanide_teety/loyce_microcitrus.txt Short is now bad $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 -an -i grsm_0001-shorter.mov good-01/grsm_0001_no_audio.mov weakness_started_NhAQu4nMzQeyjeCyWDGj AND ((NOT PERFORMER AND (segfault_code_3sx26tlsPR OR segfault_code_6SSScuvvUX OR segfault_code_h1O16s5K0U OR segfault_code_uAOy4coZCb OR segfault_code_7IaY8csmdX OR segfault_msg_D5NgDqMMhe OR illegal_inst_msg_HZvnGqmIdG) AND NOT timeout_cG1z0EmaEY) or (PERFORMER AND NOT ((segfault_code_3sx26tlsPR OR segfault_code_6SSScuvvUX OR segfault_code_h1O16s5K0U OR segfault_code_uAOy4coZCb OR segfault_code_7IaY8csmdX OR segfault_msg_D5NgDqMMhe OR illegal_inst_msg_HZvnGqmIdG) OR timeout_cG1z0EmaEY))) (NOT PERFORMER AND (segfault_code_3sx26tlsPR OR segfault_code_6SSScuvvUX OR segfault_code_h1O16s5K0U OR segfault_code_uAOy4coZCb OR segfault_code_7IaY8csmdX OR segfault_msg_D5NgDqMMhe OR illegal_inst_msg_HZvnGqmIdG) AND NOT timeout_cG1z0EmaEY) or (PERFORMER AND NOT ((segfault_code_3sx26tlsPR OR segfault_code_6SSScuvvUX OR segfault_code_h1O16s5K0U OR segfault_code_uAOy4coZCb OR segfault_code_7IaY8csmdX OR segfault_msg_D5NgDqMMhe OR illegal_inst_msg_HZvnGqmIdG) OR timeout_cG1z0EmaEY)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start