The product does not properly check inputs that are used for loop conditions, potentially leading to a denial of service because of excessive looping. This test will try to access a user-controlled file, repeatedly trying if the access fails. The user provides an intentionally bad path, forcing the software to wait forever. org.apache.poi.hwpf.converter.WordToHtmlConverter:org.apache.poi.hslf.extractor.QuickButCruddyTextExtractor:org.apache.poi.hpbf.extractor.PublisherTextExtractor:org.apache.poi.hwpf.extractor.WordExtractor:org.apache.poi.hssf.converter.ExcelToHtmlConverter:org.apache.poi.hpsf.examples.ReadTitle:org.apache.poi.hssf.extractor.ExcelExtractorPassworded:org.apache.poi.hdgf.extractor.VisioTextExtractor:org.apache.poi.hssf.extractor.ExcelExtractor:org.apache.poi.ss.examples.ToCSV $SS_TC_DEPS/java/poi/*:$SS_TC_ROOT/$SS_TC_INSTALL:$SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar UNSPECIFIED UNSPECIFIED java $SS_JAVA_OPTS -Djava.library.path=$SS_TC_DEPS/lib64/ -cp "$SS_JAVA_CLASSPATH" env ANT_HOME=$SS_TC_DEPS/ant ant $SS_ANT_OPTS -Dstonesoup.database.postgres.required=no -Dstonesoup.hibernate.postgres.required=no -Dstonesoup.hibernate.mysql.required=no -Dstonesoup.database.mysql.required=no -Dstonesoup.socket.required=no -lib $SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar -Dmaven.repo.local="$SS_TC_DEPS/java/poi" -Dstonesoup.socket.lib.dir="$SS_TC_DEPS/java/stonesoup/socket" -Dstonesoup.hibernate.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/mysql" -Dstonesoup.hibernate.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/postgres" -Dstonesoup.database.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/database/mysql" -Dstonesoup.database.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/database/postgres" -Dmain.output.dir=$SS_TC_ROOT/$SS_TC_INSTALL -Dscratchpad.output.dir=$SS_TC_ROOT/$SS_TC_INSTALL -Dooxml.output.dir=$SS_TC_ROOT/$SS_TC_INSTALL -Dexcelant.output.dir=$SS_TC_ROOT/$SS_TC_INSTALL -Ddisconnected=true -Dmain.lib="$SS_TC_DEPS/java/poi/" -Dooxml.lib="$SS_TC_DEPS/java/poi" -DDSTAMP=CURRENT -Dstonesoup.lttng.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng" -Dstonesoup.lttng.dummy.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng-dummy" jar cp -r $SS_TC_ROOT/src/build/examples-classes/org/apache/poi/* $SS_TC_ROOT/$SS_TC_INSTALL/org/apache/poi convert a .doc to HTML Environment variable defining test value. NONE $SS_TC_ROOT/testData/sinder_shipbroken.bin /etc/passwd $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.hwpf.converter.WordToHtmlConverter $SS_TC_ROOT/testData/good-01/ss-word.doc $SS_TC_ROOT/testData/good-01/ss-word.html GOOD-01-FILE good-01/ss-word.html good-01/ss-word.html extract a PPT file Environment variable defining test value. NONE $SS_TC_ROOT/testData/sinder_shipbroken.bin tempfile.txt data $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.hslf.extractor.QuickButCruddyTextExtractor $SS_TC_ROOT/testData/good-02/examplePPT.ppt GOOD-02-STDOUT good-02/output.txt extract a .pub (Publisher) file Environment variable defining test value. NONE $SS_TC_ROOT/testData/sinder_shipbroken.bin /etc/passwd $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.hpbf.extractor.PublisherTextExtractor $SS_TC_ROOT/testData/good-03/ss-pub.pub GOOD-03-STDOUT good-03/output.txt extract a .doc file Environment variable defining test value. NONE $SS_TC_ROOT/testData/sinder_shipbroken.bin tempfile.txt data $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.hwpf.extractor.WordExtractor $SS_TC_ROOT/testData/good-04/ss-word.doc GOOD-04-STDOUT good-04/output.txt convert .xls file to html Environment variable defining test value. NONE $SS_TC_ROOT/testData/sinder_shipbroken.bin /etc/passwd $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.hssf.converter.ExcelToHtmlConverter $SS_TC_ROOT/testData/good-05/ss-excel.xls $SS_TC_ROOT/testData/good-05/ss-excel.html GOOD-05-STDOUT AND GOOD-05-FILE good-05/output.txt good-05/ss-excel.html good-05/ss-excel.html read title metadata from .xls file Environment variable defining test value. NONE $SS_TC_ROOT/testData/sinder_shipbroken.bin tempfile.txt data $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.hpsf.examples.ReadTitle good-06/ss-excel.xls GOOD-06-STDOUT good-06/output.txt extract a password-protected .xls file Environment variable defining test value. NONE $SS_TC_ROOT/testData/sinder_shipbroken.bin /etc/passwd $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.hssf.extractor.ExcelExtractorPassworded -i good-07/ss-excel-passworded.xls GOOD-07-STDOUT good-07/output.txt extract text from a .vsd file (Visio) Environment variable defining test value. NONE $SS_TC_ROOT/testData/sinder_shipbroken.bin tempfile.txt data $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.hdgf.extractor.VisioTextExtractor good-08/BlkDia.vsd GOOD-08-STDOUT good-08/output.txt extract a xls file Environment variable defining test value. NONE $SS_TC_ROOT/testData/sinder_shipbroken.bin /etc/passwd $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.hssf.extractor.ExcelExtractor -i good-09/ss-excel.xls GOOD-09-STDOUT good-09/output.txt extract a .xls file to csv Environment variable defining test value. NONE $SS_TC_ROOT/testData/sinder_shipbroken.bin tempfile.txt data $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.ss.examples.ToCSV good-10/ss-excel.xls good-10/ GOOD-10-FILE good-10/ss-excel.csv good-10/ss-excel.csv Environment variable defining test value. DOS_BLOCKING $SS_TC_ROOT/testData/sinder_shipbroken.bin doesntexist.txt $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.ss.examples.ToCSV good-10/ss-excel.xls good-10/ weakness_started_vSKqXajbqNRYS4rokwqc AND ((NOT PERFORMER AND (timeout_dLgdhUqqPf OR (NOT (finished_KIspBHxSAi AND finished_cTUvSs2ewv) AND NOT (controlled_exit_jt3sHzcwdc OR continued_execution_0DLBort9wC)))) or (PERFORMER AND NOT ((timeout_dLgdhUqqPf OR (NOT (finished_KIspBHxSAi AND finished_cTUvSs2ewv) AND NOT (controlled_exit_jt3sHzcwdc OR continued_execution_0DLBort9wC)))))) (NOT PERFORMER AND (timeout_dLgdhUqqPf OR (NOT (finished_KIspBHxSAi AND finished_cTUvSs2ewv) AND NOT (controlled_exit_jt3sHzcwdc OR continued_execution_0DLBort9wC)))) or (PERFORMER AND NOT ((timeout_dLgdhUqqPf OR (NOT (finished_KIspBHxSAi AND finished_cTUvSs2ewv) AND NOT (controlled_exit_jt3sHzcwdc OR continued_execution_0DLBort9wC))))) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION if (( $(/bin/grep "Found file." "logfile.txt" | wc -l) > 0 )); then true; else false; fi; if (( $(/bin/grep -E 'Reading ".+"' "logfile.txt" | wc -l) > 0 )); then true; else false; fi; None stonesoup_trace:weakness_start Environment variable defining test value. DOS_BLOCKING $SS_TC_ROOT/testData/sinder_shipbroken.bin alsodoesntexist.dat $SS_TC_ROOT/logs/execute/lttng $SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so org.apache.poi.hpsf.examples.ReadTitle good-06/ss-excel.xls weakness_started_SzRF8a2cc3b7b3F46wUt AND ((NOT PERFORMER AND (timeout_qZhq7FfT87 OR (NOT (finished_BnCma9M4Gx AND finished_JXOmEBxNZW) AND NOT (controlled_exit_7qc0nMkl5j OR continued_execution_EKyXlYnMEW)))) or (PERFORMER AND NOT ((timeout_qZhq7FfT87 OR (NOT (finished_BnCma9M4Gx AND finished_JXOmEBxNZW) AND NOT (controlled_exit_7qc0nMkl5j OR continued_execution_EKyXlYnMEW)))))) (NOT PERFORMER AND (timeout_qZhq7FfT87 OR (NOT (finished_BnCma9M4Gx AND finished_JXOmEBxNZW) AND NOT (controlled_exit_7qc0nMkl5j OR continued_execution_EKyXlYnMEW)))) or (PERFORMER AND NOT ((timeout_qZhq7FfT87 OR (NOT (finished_BnCma9M4Gx AND finished_JXOmEBxNZW) AND NOT (controlled_exit_7qc0nMkl5j OR continued_execution_EKyXlYnMEW))))) DOES_NOT_RETURN CONTROLLED_EXIT CONTINUED_EXECUTION if (( $(/bin/grep "Found file." "logfile.txt" | wc -l) > 0 )); then true; else false; fi; if (( $(/bin/grep -E 'Reading ".+"' "logfile.txt" | wc -l) > 0 )); then true; else false; fi; None stonesoup_trace:weakness_start