Creating test case using base program. Added a Socket Server to accept communication from untrusted source. Completed injection. UNSPECIFIED UNSPECIFIED $SS_TC_ROOT/$SS_TC_INSTALL/bin/gimp $SS_TC_ROOT/testData/input.jpg env ./configure --prefix="$SS_TC_ROOT/$SS_TC_INSTALL" --disable-alsatest --without-libmng --without-libexif --without-aa --without-librsvg --without-poppler --without-gvfs --without-libjasper --with-lcms --without-alsa --disable-python make V=1 CC="$SS_CC" make install V=1 Open saved jpg file read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE This file is not empty. $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT input image opened. DOES_NOT_RETURN CONTROLLED_EXIT color invert an image read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuv $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT image colors inverted DOES_NOT_RETURN CONTROLLED_EXIT create a layer, fill with black, use divde layer mode read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Layer created, and layer mode changed. DOES_NOT_RETURN CONTROLLED_EXIT view color histogram of image read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE This file is not empty. $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Histogram of image generated. DOES_NOT_RETURN CONTROLLED_EXIT add supernova filter read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuv $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-05 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT supernova added DOES_NOT_RETURN CONTROLLED_EXIT make selection with magic wand, paste into new image read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-06 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Magic Wand selection pasted into new document. DOES_NOT_RETURN CONTROLLED_EXIT rotate image 180 degrees read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE This file is not empty. $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT Image rotated 180 degrees. DOES_NOT_RETURN CONTROLLED_EXIT add pagecurl filter read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuv $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT pagecurl added DOES_NOT_RETURN CONTROLLED_EXIT use edgefinder filter read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-09 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT pagecurl added DOES_NOT_RETURN CONTROLLED_EXIT pixelize image read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes NONE This file is not empty. $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT image pixelized. DOES_NOT_RETURN CONTROLLED_EXIT read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes DOS_UNCONTROLLED_EXIT aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 weakness_started_Ui7I4zr64km4HSJbnVQT AND ((NOT PERFORMER AND (segfault_code_Eaefxn1AAZ OR segfault_code_r0Y3JocdJ7 OR segfault_code_Lrz2wEJuqB OR segfault_code_IMreFfJwFn OR segfault_code_w1ZB9kxuF0 OR segfault_msg_ROjIxMeV3Q OR illegal_inst_msg_QXAduQgLCu) AND NOT timeout_BLtE1RVcws) or (PERFORMER AND NOT ((segfault_code_Eaefxn1AAZ OR segfault_code_r0Y3JocdJ7 OR segfault_code_Lrz2wEJuqB OR segfault_code_IMreFfJwFn OR segfault_code_w1ZB9kxuF0 OR segfault_msg_ROjIxMeV3Q OR illegal_inst_msg_QXAduQgLCu) OR timeout_BLtE1RVcws OR controlled_exit_00ZhPb1oAL))) (NOT PERFORMER AND (segfault_code_Eaefxn1AAZ OR segfault_code_r0Y3JocdJ7 OR segfault_code_Lrz2wEJuqB OR segfault_code_IMreFfJwFn OR segfault_code_w1ZB9kxuF0 OR segfault_msg_ROjIxMeV3Q OR illegal_inst_msg_QXAduQgLCu) AND NOT timeout_BLtE1RVcws) or (PERFORMER AND NOT ((segfault_code_Eaefxn1AAZ OR segfault_code_r0Y3JocdJ7 OR segfault_code_Lrz2wEJuqB OR segfault_code_IMreFfJwFn OR segfault_code_w1ZB9kxuF0 OR segfault_msg_ROjIxMeV3Q OR illegal_inst_msg_QXAduQgLCu) OR timeout_BLtE1RVcws OR controlled_exit_00ZhPb1oAL)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start read cmd doesn't null terminate input so strcpy reads past end of buffer until NULL char found Good inputs: 1) environment variable is not set. 2) environment variable is set to a filename that exists and whose contents contain a null character in first 32 bytes3) environment variable is set to a filename that does not exist.Bad input: 1) environment variable is set to a filename that exists and whose contents do not contain a null charater in first 32 bytes DOS_UNCONTROLLED_EXIT abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwx $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-c.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so 0 weakness_started_FX0X5lrbTLIy8mEBIP72 AND ((NOT PERFORMER AND (segfault_code_QvpZlkIKYZ OR segfault_code_gkkbXR53kn OR segfault_code_t2KhNE8ZLC OR segfault_code_EJuwowCxlT OR segfault_code_BUiNfce9U8 OR segfault_msg_VBjLo6sRPb OR illegal_inst_msg_qqPrkC9R8y) AND NOT timeout_K8wtW814ZW) or (PERFORMER AND NOT ((segfault_code_QvpZlkIKYZ OR segfault_code_gkkbXR53kn OR segfault_code_t2KhNE8ZLC OR segfault_code_EJuwowCxlT OR segfault_code_BUiNfce9U8 OR segfault_msg_VBjLo6sRPb OR illegal_inst_msg_qqPrkC9R8y) OR timeout_K8wtW814ZW OR controlled_exit_WKc10jlQ05))) (NOT PERFORMER AND (segfault_code_QvpZlkIKYZ OR segfault_code_gkkbXR53kn OR segfault_code_t2KhNE8ZLC OR segfault_code_EJuwowCxlT OR segfault_code_BUiNfce9U8 OR segfault_msg_VBjLo6sRPb OR illegal_inst_msg_qqPrkC9R8y) AND NOT timeout_K8wtW814ZW) or (PERFORMER AND NOT ((segfault_code_QvpZlkIKYZ OR segfault_code_gkkbXR53kn OR segfault_code_t2KhNE8ZLC OR segfault_code_EJuwowCxlT OR segfault_code_BUiNfce9U8 OR segfault_msg_VBjLo6sRPb OR illegal_inst_msg_qqPrkC9R8y) OR timeout_K8wtW814ZW OR controlled_exit_WKc10jlQ05)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION None 132 None 134 None 135 None 136 None 139 None Segmentation fault None Illegal instruction None stonesoup_trace:weakness_start