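Using Hibernate to execute a dynamic SQL statement
built with user-controlled input can allow an attacker to
modify the statement's meaning or to execute arbitrary SQL commands.
Binding the input as a query parameter, rather than concatenating it into the statement text, keeps it from being interpreted as SQL.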
jena.rdfcompare:arq.sparql:jena.rdfparse:jena.rdfcat:arq.wwwenc:jena.rdfcopy:arq.wwwdec:jena.schemagen:jena.turtle
$SS_TC_ROOT/$SS_TC_INSTALL/*:$SS_TC_DEPS/java/stonesoup/hibernate/mysql/*:$SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar
UNSPECIFIED
UNSPECIFIED
java $SS_JAVA_OPTS -Djava.library.path=$SS_TC_DEPS/lib64/ -Xmx1024M -Dlog4j.configuration=file:$SS_TC_ROOT/$SS_TC_INSTALL/jena-log4j.properties -cp "$SS_JAVA_CLASSPATH"
env ANT_HOME=$SS_TC_DEPS/ant ant $SS_ANT_OPTS -Dstonesoup.database.postgres.required=no -Dstonesoup.hibernate.postgres.required=no -Dstonesoup.hibernate.mysql.required=yes -Dstonesoup.database.mysql.required=no -Dstonesoup.socket.required=no -lib $SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar -Dstonesoup.socket.lib.dir="$SS_TC_DEPS/java/stonesoup/socket" -Dstonesoup.hibernate.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/mysql" -Dstonesoup.hibernate.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/postgres" -Dstonesoup.database.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/database/mysql" -Dstonesoup.database.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/database/postgres" -Dbin.lib.dir="$SS_TC_ROOT/$SS_TC_INSTALL" -Ddependencies.dir="$SS_TC_DEPS/java/jena" -Dstonesoup.lttng.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng" -Dstonesoup.lttng.dummy.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng-dummy" jar
Environment variable defining test value.
NONE
USA
/opt/stonesoup/workspace/scripts/northwind_create_northwind_sjwxhivokdazrdpr.sql
northwind_sjwxhivokdazrdpr
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfcompare $SS_TC_ROOT/testData/good-01/example.xml $SS_TC_ROOT/testData/good-01/example2.xml RDF/XML RDF/XML
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-01/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
Germany
/opt/stonesoup/workspace/scripts/northwind_create_northwind_pgvaxtbgoaurcwkd.sql
northwind_pgvaxtbgoaurcwkd
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.sparql --data=$SS_TC_ROOT/testData/good-02/vc-db-1.rdf --query=$SS_TC_ROOT/testData/good-02/q1.rq
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-02/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
Finland
/opt/stonesoup/workspace/scripts/northwind_create_northwind_zpbebhgmfydrpuqj.sql
northwind_zpbebhgmfydrpuqj
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.sparql --data=$SS_TC_ROOT/testData/good-03/vc-db-1.rdf --query=$SS_TC_ROOT/testData/good-03/q-bp1.rq
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-03/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
USA
/opt/stonesoup/workspace/scripts/northwind_create_northwind_zqoijpgbudaxjief.sql
northwind_zqoijpgbudaxjief
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfparse $SS_TC_ROOT/testData/good-04/example.xml
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-04/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
Germany
/opt/stonesoup/workspace/scripts/northwind_create_northwind_gqlmubnbehzjnjlb.sql
northwind_gqlmubnbehzjnjlb
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfcat -x $SS_TC_ROOT/testData/good-05/example.xml $SS_TC_ROOT/testData/good-05/example2.xml
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
GOOD-01 AND GOOD-02 AND GOOD-03 AND GOOD-04 AND GOOD-05 GOOD-06 AND GOOD-07 AND GOOD-08 AND GOOD-09 AND GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
<rdf:Description rdf:about="http://somewhere/RebeccaSmith/">
<vcard:N rdf:parseType="Resource">
<vcard:Family>Smith</vcard:Family>
<vcard:Given>Rebecca</vcard:Given>
</vcard:N>
<vcard:FN>Becky Smith</vcard:FN>
<vcard:N rdf:parseType="Resource">
<vcard:Family>Smith</vcard:Family>
<vcard:Given>Rebecca</vcard:Given>
</rdf:Description>
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
Finland
/opt/stonesoup/workspace/scripts/northwind_create_northwind_sbcgmizrhwltikuy.sql
northwind_sbcgmizrhwltikuy
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.turtle --check --strict good-06/example1.ttl
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
GOOD-06-01 AND GOOD-06-02 AND GOOD-06-03 AND GOOD-06-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-06/output1.txt
good-06/output2.txt
good-06/output3.txt
good-06/output4.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
USA
/opt/stonesoup/workspace/scripts/northwind_create_northwind_kwmdcbcvnpxjcrbz.sql
northwind_kwmdcbcvnpxjcrbz
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.schemagen --includeSource --noheader -i good-07/example1.ttl
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-07/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
Germany
/opt/stonesoup/workspace/scripts/northwind_create_northwind_bjqobgkymdgqbctq.sql
northwind_bjqobgkymdgqbctq
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.rset --in XML --results text --file $SS_TC_ROOT/testData/good-08/results.xml
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-08/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
Finland
/opt/stonesoup/workspace/scripts/northwind_create_northwind_zxqtzzduzmraxuqn.sql
northwind_zxqtzzduzmraxuqn
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfcopy good-09/example1.ttl TURTLE RDF/XML
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
GOOD-09-01 AND GOOD-09-02 AND GOOD-09-03 AND GOOD-09-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-09/output1.txt
good-09/output2.txt
good-09/output3.txt
good-09/output4.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
USA
/opt/stonesoup/workspace/scripts/northwind_create_northwind_mhirxroxugfgydeu.sql
northwind_mhirxroxugfgydeu
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.qexpr '5 != 20'
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-10/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
EXECUTE_UNAUTHORIZED_CODE
x' or 'x'='x
/opt/stonesoup/workspace/scripts/northwind_create_northwind_didxhydahmeguaka.sql
northwind_didxhydahmeguaka
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfparse $SS_TC_ROOT/testData/good-04/example.xml
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
weakness_started_MrHxGiF8dkYtuvKS3vbr AND ((NOT PERFORMER AND (hibernate_sql_output_vNj4ozV06z OR hibernate_sql_output_yN9f8doVjK) AND NOT timeout_ppXfCtpfS7) or (PERFORMER AND NOT ((hibernate_sql_output_vNj4ozV06z OR hibernate_sql_output_yN9f8doVjK) OR timeout_ppXfCtpfS7)))
(NOT PERFORMER AND (hibernate_sql_output_vNj4ozV06z OR hibernate_sql_output_yN9f8doVjK) AND NOT timeout_ppXfCtpfS7) or (PERFORMER AND NOT ((hibernate_sql_output_vNj4ozV06z OR hibernate_sql_output_yN9f8doVjK) OR timeout_ppXfCtpfS7))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
Zbyszek Piestrzeniewicz
logfile.txt
South House 300 Queensbridge
None
stonesoup_trace:weakness_start
Environment variable defining test value.
EXECUTE_UNAUTHORIZED_CODE
x' or city='London
/opt/stonesoup/workspace/scripts/northwind_create_northwind_mrgqsknagdngfxtu.sql
northwind_mrgqsknagdngfxtu
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.schemagen --includeSource --noheader -i good-07/example1.ttl
DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE;
weakness_started_c0d1vva1Zo2450eCXxmj AND ((NOT PERFORMER AND (hibernate_sql_output_fwmvDDZzM6 OR hibernate_sql_output_Afq1P59Phg) AND NOT timeout_qSWHH8IuXA) or (PERFORMER AND NOT ((hibernate_sql_output_fwmvDDZzM6 OR hibernate_sql_output_Afq1P59Phg) OR timeout_qSWHH8IuXA)))
(NOT PERFORMER AND (hibernate_sql_output_fwmvDDZzM6 OR hibernate_sql_output_Afq1P59Phg) AND NOT timeout_qSWHH8IuXA) or (PERFORMER AND NOT ((hibernate_sql_output_fwmvDDZzM6 OR hibernate_sql_output_Afq1P59Phg) OR timeout_qSWHH8IuXA))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
Zbyszek Piestrzeniewicz
logfile.txt
South House 300 Queensbridge
None
stonesoup_trace:weakness_start