This test reads data from a sensitive file without checking
the return value, and then repeats the operation on a non-sensitive file,
then printing the second file. Technical Impact is information leakage.
jena.rdfcompare:arq.sparql:jena.rdfparse:jena.rdfcat:arq.wwwenc:jena.rdfcopy:arq.wwwdec:jena.schemagen:jena.turtle
$SS_TC_ROOT/$SS_TC_INSTALL/*:$SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar
UNSPECIFIED
UNSPECIFIED
java $SS_JAVA_OPTS -Djava.library.path=$SS_TC_DEPS/lib64/ -Xmx1024M -Dlog4j.configuration=file:$SS_TC_ROOT/$SS_TC_INSTALL/jena-log4j.properties -cp "$SS_JAVA_CLASSPATH"
env ANT_HOME=$SS_TC_DEPS/ant ant $SS_ANT_OPTS -Dstonesoup.database.postgres.required=no -Dstonesoup.hibernate.postgres.required=no -Dstonesoup.hibernate.mysql.required=no -Dstonesoup.database.mysql.required=no -Dstonesoup.socket.required=no -lib $SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar -Dstonesoup.socket.lib.dir="$SS_TC_DEPS/java/stonesoup/socket" -Dstonesoup.hibernate.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/mysql" -Dstonesoup.hibernate.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/postgres" -Dstonesoup.database.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/database/mysql" -Dstonesoup.database.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/database/postgres" -Dbin.lib.dir="$SS_TC_ROOT/$SS_TC_INSTALL" -Ddependencies.dir="$SS_TC_DEPS/java/jena" -Dstonesoup.lttng.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng" -Dstonesoup.lttng.dummy.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng-dummy" jar
Environment variables defining data file names
NONE
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
root:x:0:0:root:/root:/bin/bash
other.txt
The quick brown fox jumps over the lazy dog.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfcompare $SS_TC_ROOT/testData/good-01/example.xml $SS_TC_ROOT/testData/good-01/example2.xml RDF/XML RDF/XML
GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-01/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variables defining data file names
NONE
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
sshd:x:105:65534::/var/run/sshd:/usr/sbin/nologin
other.txt
Welcome to Linux Mint 14 Nadia (GNU/Linux 3.5.0-28-generic x86_64)
Welcome to Linux Mint
* Documentation: http://www.linuxmint.com
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.sparql --data=$SS_TC_ROOT/testData/good-02/vc-db-1.rdf --query=$SS_TC_ROOT/testData/good-02/q1.rq
GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-02/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variables defining data file names
NONE
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
root:x:0:0:root:/root:/bin/bash
other.txt
The quick brown fox jumps over the lazy dog.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.sparql --data=$SS_TC_ROOT/testData/good-03/vc-db-1.rdf --query=$SS_TC_ROOT/testData/good-03/q-bp1.rq
GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-03/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variables defining data file names
NONE
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
sshd:x:105:65534::/var/run/sshd:/usr/sbin/nologin
other.txt
Welcome to Linux Mint 14 Nadia (GNU/Linux 3.5.0-28-generic x86_64)
Welcome to Linux Mint
* Documentation: http://www.linuxmint.com
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfparse $SS_TC_ROOT/testData/good-04/example.xml
GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-04/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variables defining data file names
NONE
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
root:x:0:0:root:/root:/bin/bash
other.txt
The quick brown fox jumps over the lazy dog.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfcat -x $SS_TC_ROOT/testData/good-05/example.xml $SS_TC_ROOT/testData/good-05/example2.xml
GOOD-01 AND GOOD-02 AND GOOD-03 AND GOOD-04 AND GOOD-05 GOOD-06 AND GOOD-07 AND GOOD-08 AND GOOD-09 AND GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
<rdf:Description rdf:about="http://somewhere/RebeccaSmith/">
<vcard:N rdf:parseType="Resource">
<vcard:Family>Smith</vcard:Family>
<vcard:Given>Rebecca</vcard:Given>
</vcard:N>
<vcard:FN>Becky Smith</vcard:FN>
<vcard:N rdf:parseType="Resource">
<vcard:Family>Smith</vcard:Family>
<vcard:Given>Rebecca</vcard:Given>
</rdf:Description>
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variables defining data file names
NONE
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
sshd:x:105:65534::/var/run/sshd:/usr/sbin/nologin
other.txt
Welcome to Linux Mint 14 Nadia (GNU/Linux 3.5.0-28-generic x86_64)
Welcome to Linux Mint
* Documentation: http://www.linuxmint.com
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.turtle --check --strict good-06/example1.ttl
GOOD-06-01 AND GOOD-06-02 AND GOOD-06-03 AND GOOD-06-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-06/output1.txt
good-06/output2.txt
good-06/output3.txt
good-06/output4.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variables defining data file names
NONE
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
root:x:0:0:root:/root:/bin/bash
other.txt
The quick brown fox jumps over the lazy dog.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.schemagen --includeSource --noheader -i good-07/example1.ttl
GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-07/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variables defining data file names
NONE
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
sshd:x:105:65534::/var/run/sshd:/usr/sbin/nologin
other.txt
Welcome to Linux Mint 14 Nadia (GNU/Linux 3.5.0-28-generic x86_64)
Welcome to Linux Mint
* Documentation: http://www.linuxmint.com
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.rset --in XML --results text --file $SS_TC_ROOT/testData/good-08/results.xml
GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-08/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variables defining data file names
NONE
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
root:x:0:0:root:/root:/bin/bash
other.txt
The quick brown fox jumps over the lazy dog.
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfcopy good-09/example1.ttl TURTLE RDF/XML
GOOD-09-01 AND GOOD-09-02 AND GOOD-09-03 AND GOOD-09-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-09/output1.txt
good-09/output2.txt
good-09/output3.txt
good-09/output4.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variables defining data file names
NONE
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
sshd:x:105:65534::/var/run/sshd:/usr/sbin/nologin
other.txt
Welcome to Linux Mint 14 Nadia (GNU/Linux 3.5.0-28-generic x86_64)
Welcome to Linux Mint
* Documentation: http://www.linuxmint.com
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.qexpr '5 != 20'
GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-10/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variables defining data file names
READ_APPLICATION_DATA
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh
sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/bin/sh
man:x:6:12:man:/var/cache/man:/bin/sh
lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh
news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh
proxy:x:13:13:proxy:/bin:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
list:x:38:38:Mailing List Manager:/var/list:/bin/sh
irc:x:39:39:ircd:/var/run/ircd:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/nonexistent:/bin/sh
libuuid:x:100:101::/var/lib/libuuid:/bin/sh
syslog:x:101:103::/home/syslog:/bin/false
messagebus:x:102:105::/var/run/dbus:/bin/false
avahi-autoipd:x:103:106:Avahi autoip daemon,,,:/var/lib/avahi-autoipd:/bin/false
usbmux:x:104:46:usbmux daemon,,,:/home/usbmux:/bin/false
kernoops:x:106:65534:Kernel Oops Tracking Daemon,,,:/:/bin/false
rtkit:x:107:114:RealtimeKit,,,:/proc:/bin/false
speech-dispatcher:x:108:29:Speech Dispatcher,,,:/var/run/speech-dispatcher:/bin/sh
colord:x:109:117:colord colour management daemon,,,:/var/lib/colord:/bin/false
avahi:x:111:120:Avahi mDNS daemon,,,:/var/run/avahi-daemon:/bin/false
hplip:x:112:7:HPLIP system user,,,:/var/run/hplip:/bin/false
pulse:x:113:121:PulseAudio daemon,,,:/var/run/pulse:/bin/false
saned:x:114:123::/home/saned:/bin/false
mdm:x:110:118:MDM Display Manager:/var/lib/mdm:/bin/false
sshd:x:105:65534::/var/run/sshd:/usr/sbin/nologin
statd:x:115:65534::/var/lib/nfs:/bin/false
ntp:x:116:128::/home/ntp:/bin/false
rabbitmq:x:117:129:RabbitMQ messaging server,,,:/var/lib/rabbitmq:/bin/false
celery:x:999:999::/var/lib/celery:/bin/false
boinc:x:118:130:BOINC core client,,,:/var/lib/boinc-client:/bin/false
other.txt
foo
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.sparql --data=$SS_TC_ROOT/testData/good-03/vc-db-1.rdf --query=$SS_TC_ROOT/testData/good-03/q-bp1.rq
weakness_started_XYSX137FxYRGHwLExCzK AND ((NOT PERFORMER AND (etc_passwd_line_pattern_3zViVH9THm OR etc_passwd_root_user_ud2HlkYlwY OR etc_group_line_pattern_vXFGXnbXBu) AND NOT timeout_AAvqyjbpV2) or (PERFORMER AND NOT ((etc_passwd_line_pattern_3zViVH9THm OR etc_passwd_root_user_ud2HlkYlwY OR etc_group_line_pattern_vXFGXnbXBu) OR timeout_AAvqyjbpV2)))
(NOT PERFORMER AND (etc_passwd_line_pattern_3zViVH9THm OR etc_passwd_root_user_ud2HlkYlwY OR etc_group_line_pattern_vXFGXnbXBu) AND NOT timeout_AAvqyjbpV2) or (PERFORMER AND NOT ((etc_passwd_line_pattern_3zViVH9THm OR etc_passwd_root_user_ud2HlkYlwY OR etc_group_line_pattern_vXFGXnbXBu) OR timeout_AAvqyjbpV2))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
.+:.+:[0-9]+:[0-9]+:.+:.+:.*
logfile.txt
^root:.*
logfile.txt
.+:x:[0-9]+:
None
stonesoup_trace:weakness_start
Environment variables defining data file names
READ_APPLICATION_DATA
$SS_TC_ROOT/testData/liquefiable_lymphology.bin
sensitive.txt
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:someguy
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:someguy
voice:x:22:
cdrom:x:24:someguy
floppy:x:25:
tape:x:26:
sudo:x:27:someguy
audio:x:29:pulse,someguy
dip:x:30:someguy
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:someguy,boinc
sasl:x:45:
plugdev:x:46:someguy
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
libuuid:x:101:
crontab:x:102:
syslog:x:103:
fuse:x:104:someguy
messagebus:x:105:
avahi-autoipd:x:106:
lpadmin:x:107:someguy
ssl-cert:x:108:
netdev:x:109:someguy
mlocate:x:111:
ssh:x:112:
utempter:x:113:
rtkit:x:114:
bluetooth:x:115:
scanner:x:116:someguy
colord:x:117:
nopasswdlogin:x:119:
avahi:x:120:
pulse:x:121:
pulse-access:x:122:
saned:x:123:
vboxsf:x:124:
sambashare:x:125:someguy
mdm:x:118:
someguy:x:1000:
winbindd_priv:x:110:
_cvsadmin:x:126:
ntp:x:128:
rabbitmq:x:129:
celery:x:999:
boinc:x:130:
science:x:131:
other.txt
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.sparql --data=$SS_TC_ROOT/testData/good-03/vc-db-1.rdf --query=$SS_TC_ROOT/testData/good-03/q-bp1.rq
weakness_started_hN1ghrec2A6W5bW2nQAh AND ((NOT PERFORMER AND (etc_passwd_line_pattern_6FFr83kKqX OR etc_passwd_root_user_Zl3s3g42FW OR etc_group_line_pattern_ueOygRDvg8) AND NOT timeout_LAVVfges83) or (PERFORMER AND NOT ((etc_passwd_line_pattern_6FFr83kKqX OR etc_passwd_root_user_Zl3s3g42FW OR etc_group_line_pattern_ueOygRDvg8) OR timeout_LAVVfges83)))
(NOT PERFORMER AND (etc_passwd_line_pattern_6FFr83kKqX OR etc_passwd_root_user_Zl3s3g42FW OR etc_group_line_pattern_ueOygRDvg8) AND NOT timeout_LAVVfges83) or (PERFORMER AND NOT ((etc_passwd_line_pattern_6FFr83kKqX OR etc_passwd_root_user_Zl3s3g42FW OR etc_group_line_pattern_ueOygRDvg8) OR timeout_LAVVfges83))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
.+:.+:[0-9]+:[0-9]+:.+:.+:.*
logfile.txt
^root:.*
logfile.txt
.+:x:[0-9]+:
None
stonesoup_trace:weakness_start