This test creates a connection to the PGSQL database,
and creates a query string based on data in an environment
variable. This data is not checked for special elements, however, and
it is possible to construct a query string that performs unexpected
data retrievals or modifications.
stonesoup.jtree.Main
$SS_TC_ROOT/$SS_TC_INSTALL:$SS_TC_ROOT/$SS_TC_INSTALL/lib/*:$SS_TC_ROOT/$SS_TC_INSTALL/lib/opt/*:$SS_TC_DEPS/java/stonesoup/database/postgres/*:$SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar
UNSPECIFIED
UNSPECIFIED
java $SS_JAVA_OPTS -Djava.library.path=$SS_TC_DEPS/lib64/ -cp "$SS_JAVA_CLASSPATH" stonesoup.jtree.Main
env ANT_HOME=$SS_TC_DEPS/ant ant $SS_ANT_OPTS -Dstonesoup.database.postgres.required=yes -Dstonesoup.hibernate.postgres.required=no -Dstonesoup.hibernate.mysql.required=no -Dstonesoup.database.mysql.required=no -Dstonesoup.socket.required=no -lib $SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar -Dstonesoup.socket.lib.dir="$SS_TC_DEPS/java/stonesoup/socket" -Dstonesoup.hibernate.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/mysql" -Dstonesoup.hibernate.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/postgres" -Dstonesoup.database.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/database/mysql" -Dstonesoup.database.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/database/postgres" -Dstonesoup.lttng.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng" -Dstonesoup.lttng.dummy.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng-dummy" -Ddir.dist=$SS_TC_ROOT/$SS_TC_INSTALL build
cp -r lib $SS_TC_ROOT/$SS_TC_INSTALL
Environment variable defining test value.
NONE
$SS_TC_ROOT/testData/sobriety_signalman.bin
shipper1
/opt/stonesoup/workspace/scripts/northwind_create_northwindlower_vqhzdbrlrijolwrq.sql
northwindlower_vqhzdbrlrijolwrq
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
input/good-01
DROP DATABASE IF EXISTS $SS_DBPGDATABASE;
STDOUT-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-01/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/testData/sobriety_signalman.bin
NewShipper
/opt/stonesoup/workspace/scripts/northwind_create_northwindlower_iqsgclolqnftnrrj.sql
northwindlower_iqsgclolqnftnrrj
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
-l 1 input/good-02/
DROP DATABASE IF EXISTS $SS_DBPGDATABASE;
STDOUT-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-02/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/testData/sobriety_signalman.bin
ShippingCompany
/opt/stonesoup/workspace/scripts/northwind_create_northwindlower_setqhmmpbhsrsxgu.sql
northwindlower_setqhmmpbhsrsxgu
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
input/good-03/jtree-good-03.tar.gz
DROP DATABASE IF EXISTS $SS_DBPGDATABASE;
STDOUT-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-03/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/testData/sobriety_signalman.bin
shipper1
/opt/stonesoup/workspace/scripts/northwind_create_northwindlower_nbtofumhsvexedkq.sql
northwindlower_nbtofumhsvexedkq
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
-l 2 input/good-04/jtree-good-04.tar.gz
DROP DATABASE IF EXISTS $SS_DBPGDATABASE;
STDOUT-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-04/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/testData/sobriety_signalman.bin
NewShipper
/opt/stonesoup/workspace/scripts/northwind_create_northwindlower_ddeiccazgysvlrem.sql
northwindlower_ddeiccazgysvlrem
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
input/good-01/ input/good-02/ input/good-03/jtree-good-03.tar.gz input/good-04/jtree-good-04.tar.gz
DROP DATABASE IF EXISTS $SS_DBPGDATABASE;
STDOUT-05-01 AND STDOUT-05-02 AND STDOUT-05-03 AND STDOUT-05-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-05/output1.txt
good-05/output2.txt
good-05/output3.txt
good-05/output4.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
EXECUTE_UNAUTHORIZED_CODE
$SS_TC_ROOT/testData/sobriety_signalman.bin
BadShipper'), ('80', 'BadShipper2
/opt/stonesoup/workspace/scripts/northwind_create_northwindlower_iapxkaswijpqfpsw.sql
northwindlower_iapxkaswijpqfpsw
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
input/good-03/jtree-good-03.tar.gz
DROP DATABASE IF EXISTS $SS_DBPGDATABASE;
weakness_started_V7VB4fUpOl3oj0hFKcJp AND ((NOT PERFORMER AND (db_sql_output_4JOo0izlND OR db_sql_output_k0Zd0F3Dl7 OR database_insert_check_FOZhaS4KeK) AND NOT timeout_bL4hNwqVoS) or (PERFORMER AND NOT ((db_sql_output_4JOo0izlND OR db_sql_output_k0Zd0F3Dl7 OR database_insert_check_FOZhaS4KeK) OR timeout_bL4hNwqVoS)))
(NOT PERFORMER AND (db_sql_output_4JOo0izlND OR db_sql_output_k0Zd0F3Dl7 OR database_insert_check_FOZhaS4KeK) AND NOT timeout_bL4hNwqVoS) or (PERFORMER AND NOT ((db_sql_output_4JOo0izlND OR db_sql_output_k0Zd0F3Dl7 OR database_insert_check_FOZhaS4KeK) OR timeout_bL4hNwqVoS))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
Number of Rows Affected: 2
logfile.txt
Number of Rows Affected: 4
export PGPASSWORD=$DBPGPASSWORD; if `psql -U $DBPGUSER -h $DBPGHOST -d $SS_DBPGDATABASE -c "select * from shippers;" | grep -q "BadShipper2\|ShipAttack"`; then true; else false; fi;
None
stonesoup_trace:weakness_start
Environment variable defining test value.
EXECUTE_UNAUTHORIZED_CODE
$SS_TC_ROOT/testData/sobriety_signalman.bin
ShippersRUs'), ('55', 'BadShips'), ('65', 'ShipAttack'), ('45', 'MultiShip
/opt/stonesoup/workspace/scripts/northwind_create_northwindlower_ehptswnmswxrbsdb.sql
northwindlower_ehptswnmswxrbsdb
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
-l 2 input/good-04/jtree-good-04.tar.gz
DROP DATABASE IF EXISTS $SS_DBPGDATABASE;
weakness_started_BpUTrfCqou90QteqQ8AP AND ((NOT PERFORMER AND (db_sql_output_bVnqOLSB4k OR db_sql_output_BZsS0DMjg0 OR database_insert_check_zy9VKoLKAc) AND NOT timeout_SVIqsqcgc9) or (PERFORMER AND NOT ((db_sql_output_bVnqOLSB4k OR db_sql_output_BZsS0DMjg0 OR database_insert_check_zy9VKoLKAc) OR timeout_SVIqsqcgc9)))
(NOT PERFORMER AND (db_sql_output_bVnqOLSB4k OR db_sql_output_BZsS0DMjg0 OR database_insert_check_zy9VKoLKAc) AND NOT timeout_SVIqsqcgc9) or (PERFORMER AND NOT ((db_sql_output_bVnqOLSB4k OR db_sql_output_BZsS0DMjg0 OR database_insert_check_zy9VKoLKAc) OR timeout_SVIqsqcgc9))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
Number of Rows Affected: 2
logfile.txt
Number of Rows Affected: 4
export PGPASSWORD=$DBPGPASSWORD; if `psql -U $DBPGUSER -h $DBPGHOST -d $SS_DBPGDATABASE -c "select * from shippers;" | grep -q "BadShipper2\|ShipAttack"`; then true; else false; fi;
None
stonesoup_trace:weakness_start