The software uses external input to construct a pathname that should be within a restricted directory, but it does not neutralize absolute path sequences such as '/abs/path' that can resolve to a location that is outside of that directory. This test takes in a filename to read. Since the provided filename isn't checked to ensure it doesn't contain an absolute path, it allows reading of any file on the system. TRUE org.elasticsearch.bootstrap.Elasticsearch $SS_TC_DEPS/java/elasticsearch/*:$SS_TC_ROOT/$SS_TC_INSTALL/*:$SS_TC_ROOT/$SS_TC_INSTALL/classes/*:$SS_TC_DEPS/java/stonesoup/socket/*:$SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar UNSPECIFIED UNSPECIFIED java $SS_JAVA_OPTS -Djava.library.path=$SS_TC_DEPS/lib64/ -cp "$SS_JAVA_CLASSPATH" env ANT_HOME=$SS_TC_DEPS/ant ant $SS_ANT_OPTS -Dstonesoup.database.postgres.required=no -Dstonesoup.hibernate.postgres.required=no -Dstonesoup.hibernate.mysql.required=no -Dstonesoup.database.mysql.required=no -Dstonesoup.socket.required=yes -lib $SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar -Dstonesoup.socket.lib.dir="$SS_TC_DEPS/java/stonesoup/socket" -Dstonesoup.hibernate.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/mysql" -Dstonesoup.hibernate.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/postgres" -Dstonesoup.database.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/database/mysql" -Dstonesoup.database.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/database/postgres" -Dmaven.build.dir=$SS_TC_ROOT/$SS_TC_INSTALL -Dmaven.repo.local="$SS_TC_DEPS/java/elasticsearch" -Dmaven.settings.offline=true -Dstonesoup.lttng.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng" -Dstonesoup.lttng.dummy.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng-dummy" package Add data Environment variable defining test value. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-01" org.elasticsearch.bootstrap.Elasticsearch GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-01/output.txt DOES_NOT_RETURN CONTROLLED_EXIT simple string query Environment variable defining test value. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-02" org.elasticsearch.bootstrap.Elasticsearch GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-02/output.txt DOES_NOT_RETURN CONTROLLED_EXIT get all data Environment variable defining test value. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-03" org.elasticsearch.bootstrap.Elasticsearch GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-03/output.txt DOES_NOT_RETURN CONTROLLED_EXIT add data Environment variable defining test value. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-04" org.elasticsearch.bootstrap.Elasticsearch OUTPUT AND (STATE-EXISTS AND STATE-HAS-CONTENT) AND (GLOBAL-EXISTS AND GLOBAL-HAS-CONTENT) AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-04/output.txt if [[ -a good-04/elasticsearch/nodes/0/indices/user/0/_state/state-2 ]]; then exit 0; else exit 1; fi; if [[ -a good-04/elasticsearch/nodes/0/_state/global-4 ]]; then exit 0; else exit 1; fi; if [[ -s good-04/elasticsearch/nodes/0/indices/user/0/_state/state-2 ]]; then exit 0; else exit 1; fi; if [[ -s good-04/elasticsearch/nodes/0/_state/global-4 ]]; then exit 0; else exit 1; fi; DOES_NOT_RETURN CONTROLLED_EXIT delete data Environment variable defining test value. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-05" org.elasticsearch.bootstrap.Elasticsearch OUTPUT AND (GLOBAL-EXISTS AND GLOBAL-HAS-CONTENT) AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-05/output.txt if [[ -a good-05/elasticsearch/nodes/0/_state/global-5 ]]; then exit 0; else exit 1; fi; if [[ -s good-05/elasticsearch/nodes/0/_state/global-5 ]]; then exit 0; else exit 1; fi; DOES_NOT_RETURN CONTROLLED_EXIT bulk add data Environment variable defining test value. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-06" org.elasticsearch.bootstrap.Elasticsearch HEAD AND TAIL AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-06/head.txt good-06/tail.txt DOES_NOT_RETURN CONTROLLED_EXIT filter without search query Environment variable defining test value. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-07" org.elasticsearch.bootstrap.Elasticsearch OUTPUT AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-07/output.txt DOES_NOT_RETURN CONTROLLED_EXIT tokenize with snowball analyzer Environment variable defining test value. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-08" org.elasticsearch.bootstrap.Elasticsearch HEAD AND TAIL AND SEARCH AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-08/head.txt good-08/tail.txt good-08/output.txt DOES_NOT_RETURN CONTROLLED_EXIT list indicies Environment variable defining test value. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-09" org.elasticsearch.bootstrap.Elasticsearch OUTPUT AND NOT TIMEOUT AND NOT CONTROLLED_EXIT movies 5 1 6 0 14.7kb 14.7kb DOES_NOT_RETURN CONTROLLED_EXIT drilling down Environment variable defining test value. NONE $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-10" org.elasticsearch.bootstrap.Elasticsearch OUTPUT AND NOT TIMEOUT AND NOT CONTROLLED_EXIT good-10/output.txt DOES_NOT_RETURN CONTROLLED_EXIT Environment variable defining test value. READ_APPLICATION_DATA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-04" org.elasticsearch.bootstrap.Elasticsearch weakness_started_0rC8qTIH3luWjPsBj0D0 AND ((NOT PERFORMER AND (etc_passwd_line_pattern_8ZACLXkMdc OR etc_passwd_root_user_4rWGei8Hnl OR etc_group_line_pattern_JYHvoFSyNn) AND NOT timeout_CNfUN9GsLB) or (PERFORMER AND NOT ((etc_passwd_line_pattern_8ZACLXkMdc OR etc_passwd_root_user_4rWGei8Hnl OR etc_group_line_pattern_JYHvoFSyNn) OR timeout_CNfUN9GsLB OR controlled_exit_VeueG06TMR))) (NOT PERFORMER AND (etc_passwd_line_pattern_8ZACLXkMdc OR etc_passwd_root_user_4rWGei8Hnl OR etc_group_line_pattern_JYHvoFSyNn) AND NOT timeout_CNfUN9GsLB) or (PERFORMER AND NOT ((etc_passwd_line_pattern_8ZACLXkMdc OR etc_passwd_root_user_4rWGei8Hnl OR etc_group_line_pattern_JYHvoFSyNn) OR timeout_CNfUN9GsLB OR controlled_exit_VeueG06TMR)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION logfile.txt .+:.+:[0-9]+:[0-9]+:.+:.+:.* logfile.txt ^root:.* logfile.txt .+:x:[0-9]+: None stonesoup_trace:weakness_start Environment variable defining test value. READ_APPLICATION_DATA $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so -Des.path.data="$SS_TC_ROOT/testData/good-07" org.elasticsearch.bootstrap.Elasticsearch weakness_started_D80g0hu8WiiaAxxRPIex AND ((NOT PERFORMER AND (etc_passwd_line_pattern_aSajK1A0tA OR etc_passwd_root_user_qWBtFceRS0 OR etc_group_line_pattern_7VTcfJLTMZ) AND NOT timeout_12OzsUNbDx) or (PERFORMER AND NOT ((etc_passwd_line_pattern_aSajK1A0tA OR etc_passwd_root_user_qWBtFceRS0 OR etc_group_line_pattern_7VTcfJLTMZ) OR timeout_12OzsUNbDx OR controlled_exit_c7yp5nyf19))) (NOT PERFORMER AND (etc_passwd_line_pattern_aSajK1A0tA OR etc_passwd_root_user_qWBtFceRS0 OR etc_group_line_pattern_7VTcfJLTMZ) AND NOT timeout_12OzsUNbDx) or (PERFORMER AND NOT ((etc_passwd_line_pattern_aSajK1A0tA OR etc_passwd_root_user_qWBtFceRS0 OR etc_group_line_pattern_7VTcfJLTMZ) OR timeout_12OzsUNbDx OR controlled_exit_c7yp5nyf19)) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION logfile.txt .+:.+:[0-9]+:[0-9]+:.+:.+:.* logfile.txt ^root:.* logfile.txt .+:x:[0-9]+: None stonesoup_trace:weakness_start