Using Hibernate to execute a dynamic SQL statement built with user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands. FALSE org.apache.jmeter.NewDriver $SS_TC_ROOT/$SS_TC_INSTALL/classes/core:$SS_TC_ROOT/$SS_TC_INSTALL/classes/components:$SS_TC_ROOT/$SS_TC_INSTALL/classes/functions:$SS_TC_ROOT/$SS_TC_INSTALL/classes/jorphan:$SS_TC_ROOT/$SS_TC_INSTALL/classes/junit:$SS_TC_ROOT/$SS_TC_INSTALL/classes/monitor:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/ftp:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/http:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/java:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/jdbc:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/jms:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/ldap:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/mail:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/native:$SS_TC_ROOT/$SS_TC_INSTALL/classes/protocol/tcp:$SS_TC_ROOT/$SS_TC_INSTALL/classes/reports:$SS_TC_ROOT/$SS_TC_INSTALL/classes/res:$SS_TC_ROOT/$SS_TC_INSTALL/lib/*:$SS_TC_ROOT/$SS_TC_INSTALL/lib/opt/*:$SS_TC_DEPS/java/stonesoup/hibernate/mysql/*:$SS_TC_DEPS/java/stonesoup/socket/*:$SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar UNSPECIFIED UNSPECIFIED java $SS_JAVA_OPTS -Djava.library.path=$SS_TC_DEPS/lib64/ -cp $SS_JAVA_CLASSPATH -Djmeter.home="$SS_TC_ROOT/$SS_TC_INSTALL" org.apache.jmeter.NewDriver env ANT_HOME=$SS_TC_DEPS/ant ant $SS_ANT_OPTS -Dstonesoup.database.postgres.required=no -Dstonesoup.hibernate.postgres.required=no -Dstonesoup.hibernate.mysql.required=yes -Dstonesoup.database.mysql.required=no -Dstonesoup.socket.required=yes -lib $SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar -Dstonesoup.socket.lib.dir="$SS_TC_DEPS/java/stonesoup/socket" -Dstonesoup.hibernate.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/mysql" -Dstonesoup.hibernate.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/postgres" -Dstonesoup.database.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/database/mysql" 
-Dstonesoup.database.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/database/postgres" -Ddist.dir="$SS_TC_ROOT/$SS_TC_INSTALL" -Dbuild.dir="$SS_TC_ROOT/$SS_TC_INSTALL" -Dstonesoup.lttng.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng" -Dstonesoup.lttng.dummy.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng-dummy" compile prepare-resources prepare-nonjar-dist -Dbuild.dir=$SS_TC_ROOT/$SS_TC_INSTALL/classes cp -r lib $SS_TC_ROOT/$SS_TC_INSTALL cp -r bin $SS_TC_ROOT/$SS_TC_INSTALL Environment variable defining test value. NONE $SS_TC_ROOT/$SS_TC_INSTALL /opt/stonesoup/workspace/scripts/northwind_create_northwind_tirkknisxjbatpej.sql northwind_tirkknisxjbatpej $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-01/CSVSample.jmx DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE; STDOUT-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-01/CSVSample.jtl s="true" lb="Login as u1" rc="200" rm="OK" tn="Thread Group 1-1" dt="text" by="15" DOES_NOT_RETURN CONTROLLED_EXIT Environment variable defining test value. NONE $SS_TC_ROOT/$SS_TC_INSTALL /opt/stonesoup/workspace/scripts/northwind_create_northwind_nihregkbmjvegtyq.sql northwind_nihregkbmjvegtyq $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-02/http-test.jmx DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE; STDOUT-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-02/http-test.jtl good-02/http-test.jtl DOES_NOT_RETURN CONTROLLED_EXIT Environment variable defining test value. 
NONE $SS_TC_ROOT/$SS_TC_INSTALL /opt/stonesoup/workspace/scripts/northwind_create_northwind_goxzdweowbkuermo.sql northwind_goxzdweowbkuermo $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-03/http-test.jmx DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE; STDOUT-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-03/http-test.jtl good-03/http-test.jtl DOES_NOT_RETURN CONTROLLED_EXIT Environment variable defining test value. NONE $SS_TC_ROOT/$SS_TC_INSTALL /opt/stonesoup/workspace/scripts/northwind_create_northwind_khbsadobrwwpwxmr.sql northwind_khbsadobrwwpwxmr $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-04/http-test.jmx DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE; STATUS-CHECK-01 AND STATUS-CHECK-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT bash -c "if [[ $(grep -E '<httpSample s=\"true\" lb=\"Homepage\" rc=\"200\" rm=\"OK\" tn=\"Thread Group 1-[1-5]\" dt=\"text\"/>' ../testData/good-04/http-test.jtl | wc -l) -eq 50 ]]; then true; else false; fi" bash -c "if [[ $(grep -E '<httpSample s=\"true\" lb=\"PageOne\" rc=\"200\" rm=\"OK\" tn=\"Thread Group 1-[1-5]\" dt=\"text\"/>' ../testData/good-04/http-test.jtl | wc -l) -eq 50 ]]; then true; else false; fi" DOES_NOT_RETURN CONTROLLED_EXIT Environment variable defining test value. 
NONE $SS_TC_ROOT/$SS_TC_INSTALL /opt/stonesoup/workspace/scripts/northwind_create_northwind_nsdzzktiztbiemed.sql northwind_nsdzzktiztbiemed $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-05/http-test.jmx DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE; STDOUT-05 AND GOOD-05-HOSTNAME AND GOOD-05-LS AND GOOD-05-NETSTAT AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-05/http-test.jtl good-05/http-test.jtl if [[ -a good-05/hostname.out ]]; then exit 0; else exit 1; fi; if [[ -a good-05/ls.out ]]; then exit 0; else exit 1; fi; if [[ -a good-05/netstat.out ]]; then exit 0; else exit 1; fi; DOES_NOT_RETURN CONTROLLED_EXIT Environment variable defining test value. EXECUTE_UNAUTHORIZED_CODE $SS_TC_ROOT/$SS_TC_INSTALL /opt/stonesoup/workspace/scripts/northwind_create_northwind_qgsqrnagqzbojsyz.sql northwind_qgsqrnagqzbojsyz $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-03/http-test.jmx DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE; DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE; weakness_started_94GklDXazPPFVyNDKSDa AND ((NOT PERFORMER AND (hibernate_sql_output_1LbXwwUmeZ OR hibernate_sql_output_jhwnJu87WQ) AND NOT timeout_dGqs7VSqJp) or (PERFORMER AND NOT ((hibernate_sql_output_1LbXwwUmeZ OR hibernate_sql_output_jhwnJu87WQ) OR timeout_dGqs7VSqJp OR controlled_exit_Sk8CW1ruf7))) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION logfile.txt Zbyszek Piestrzeniewicz logfile.txt South House 300 Queensbridge None stonesoup_trace:weakness_start Environment variable defining test value. 
EXECUTE_UNAUTHORIZED_CODE $SS_TC_ROOT/$SS_TC_INSTALL /opt/stonesoup/workspace/scripts/northwind_create_northwind_jcugmavmnewsclai.sql northwind_jcugmavmnewsclai $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -n -t good-05/http-test.jmx DROP DATABASE IF EXISTS $SS_DBMYSQLDATABASE; weakness_started_hz3IsSvnBqcfq84WKooQ AND ((NOT PERFORMER AND (hibernate_sql_output_t5Fl6SiIpH OR hibernate_sql_output_8XHYlxM3R1) AND NOT timeout_ywpuHW3zs0) or (PERFORMER AND NOT ((hibernate_sql_output_t5Fl6SiIpH OR hibernate_sql_output_8XHYlxM3R1) OR timeout_ywpuHW3zs0 OR controlled_exit_ZGaDTEu2uC))) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION logfile.txt Zbyszek Piestrzeniewicz logfile.txt South House 300 Queensbridge None stonesoup_trace:weakness_start