Creating test case using base program.
Added a Socket Server to accept communication from untrusted source.
Completed injection.
UNSPECIFIED
UNSPECIFIED
$SS_TC_ROOT/$SS_TC_INSTALL/bin/gimp $SS_TC_ROOT/testData/input.jpg
env
./configure --prefix="$SS_TC_ROOT/$SS_TC_INSTALL" --disable-alsatest --without-libmng --without-libexif --without-aa --without-librsvg --without-poppler --without-gvfs --without-libjasper --with-lcms --without-alsa --disable-python
make V=1 CC="$SS_CC"
make install V=1
Open saved jpg file
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
NONE
This file is not empty.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
input image opened.
DOES_NOT_RETURN
CONTROLLED_EXIT
color invert an image
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
NONE
abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuv
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
image colors inverted
DOES_NOT_RETURN
CONTROLLED_EXIT
create a layer, fill with black, use divde layer mode
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
Layer created, and layer mode changed.
DOES_NOT_RETURN
CONTROLLED_EXIT
view color histogram of image
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
NONE
This file is not empty.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
Histogram of image generated.
DOES_NOT_RETURN
CONTROLLED_EXIT
add supernova filter
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
NONE
abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuv
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
supernova added
DOES_NOT_RETURN
CONTROLLED_EXIT
make selection with magic wand, paste into new image
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-06 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
Magic Wand selection pasted into new document.
DOES_NOT_RETURN
CONTROLLED_EXIT
rotate image 180 degrees
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
NONE
This file is not empty.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
Image rotated 180 degrees.
DOES_NOT_RETURN
CONTROLLED_EXIT
add pagecurl filter
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
NONE
abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuv
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
pagecurl added
DOES_NOT_RETURN
CONTROLLED_EXIT
use edgefinder filter
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-09 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
pagecurl added
DOES_NOT_RETURN
CONTROLLED_EXIT
pixelize image
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
NONE
This file is not empty.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
image pixelized.
DOES_NOT_RETURN
CONTROLLED_EXIT
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
DOS_UNCONTROLLED_EXIT
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
weakness_started_Ui7I4zr64km4HSJbnVQT AND ((NOT PERFORMER AND (segfault_code_Eaefxn1AAZ OR segfault_code_r0Y3JocdJ7 OR segfault_code_Lrz2wEJuqB OR segfault_code_IMreFfJwFn OR segfault_code_w1ZB9kxuF0 OR segfault_msg_ROjIxMeV3Q OR illegal_inst_msg_QXAduQgLCu) AND NOT timeout_BLtE1RVcws) or (PERFORMER AND NOT ((segfault_code_Eaefxn1AAZ OR segfault_code_r0Y3JocdJ7 OR segfault_code_Lrz2wEJuqB OR segfault_code_IMreFfJwFn OR segfault_code_w1ZB9kxuF0 OR segfault_msg_ROjIxMeV3Q OR illegal_inst_msg_QXAduQgLCu) OR timeout_BLtE1RVcws OR controlled_exit_00ZhPb1oAL)))
(NOT PERFORMER AND (segfault_code_Eaefxn1AAZ OR segfault_code_r0Y3JocdJ7 OR segfault_code_Lrz2wEJuqB OR segfault_code_IMreFfJwFn OR segfault_code_w1ZB9kxuF0 OR segfault_msg_ROjIxMeV3Q OR illegal_inst_msg_QXAduQgLCu) AND NOT timeout_BLtE1RVcws) or (PERFORMER AND NOT ((segfault_code_Eaefxn1AAZ OR segfault_code_r0Y3JocdJ7 OR segfault_code_Lrz2wEJuqB OR segfault_code_IMreFfJwFn OR segfault_code_w1ZB9kxuF0 OR segfault_msg_ROjIxMeV3Q OR illegal_inst_msg_QXAduQgLCu) OR timeout_BLtE1RVcws OR controlled_exit_00ZhPb1oAL))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
None
132
None
134
None
135
None
136
None
139
None
Segmentation fault
None
Illegal instruction
None
stonesoup_trace:weakness_start
read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes
DOS_UNCONTROLLED_EXIT
abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwx
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
0
weakness_started_FX0X5lrbTLIy8mEBIP72 AND ((NOT PERFORMER AND (segfault_code_QvpZlkIKYZ OR segfault_code_gkkbXR53kn OR segfault_code_t2KhNE8ZLC OR segfault_code_EJuwowCxlT OR segfault_code_BUiNfce9U8 OR segfault_msg_VBjLo6sRPb OR illegal_inst_msg_qqPrkC9R8y) AND NOT timeout_K8wtW814ZW) or (PERFORMER AND NOT ((segfault_code_QvpZlkIKYZ OR segfault_code_gkkbXR53kn OR segfault_code_t2KhNE8ZLC OR segfault_code_EJuwowCxlT OR segfault_code_BUiNfce9U8 OR segfault_msg_VBjLo6sRPb OR illegal_inst_msg_qqPrkC9R8y) OR timeout_K8wtW814ZW OR controlled_exit_WKc10jlQ05)))
(NOT PERFORMER AND (segfault_code_QvpZlkIKYZ OR segfault_code_gkkbXR53kn OR segfault_code_t2KhNE8ZLC OR segfault_code_EJuwowCxlT OR segfault_code_BUiNfce9U8 OR segfault_msg_VBjLo6sRPb OR illegal_inst_msg_qqPrkC9R8y) AND NOT timeout_K8wtW814ZW) or (PERFORMER AND NOT ((segfault_code_QvpZlkIKYZ OR segfault_code_gkkbXR53kn OR segfault_code_t2KhNE8ZLC OR segfault_code_EJuwowCxlT OR segfault_code_BUiNfce9U8 OR segfault_msg_VBjLo6sRPb OR illegal_inst_msg_qqPrkC9R8y) OR timeout_K8wtW814ZW OR controlled_exit_WKc10jlQ05))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
None
132
None
134
None
135
None
136
None
139
None
Segmentation fault
None
Illegal instruction
None
stonesoup_trace:weakness_start