The system or application is vulnerable to file system contents
disclosure through path equivalence. Path equivalence involves the
use of special characters in file and directory names. The associated
manipulations are intended to generate multiple names for the same
object. This test will accept input of a file to read, but prohibits access
to file in the /etc directory. The input generates an equivalent name
/////etc/////passwd which bypasses the filter.
jena.rdfcompare:arq.sparql:jena.rdfparse:jena.rdfcat:arq.wwwenc:jena.rdfcopy:arq.wwwdec:jena.schemagen:jena.turtle
$SS_TC_ROOT/$SS_TC_INSTALL/*:$SS_TC_DEPS/java/stonesoup/socket/*:$SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar
UNSPECIFIED
UNSPECIFIED
java $SS_JAVA_OPTS -Djava.library.path=$SS_TC_DEPS/lib64/ -Xmx1024M -Dlog4j.configuration=file:$SS_TC_ROOT/$SS_TC_INSTALL/jena-log4j.properties -cp "$SS_JAVA_CLASSPATH"
env ANT_HOME=$SS_TC_DEPS/ant ant $SS_ANT_OPTS -Dstonesoup.database.postgres.required=no -Dstonesoup.hibernate.postgres.required=no -Dstonesoup.hibernate.mysql.required=no -Dstonesoup.database.mysql.required=no -Dstonesoup.socket.required=yes -lib $SS_TC_DEPS/java/stonesoup/lttng/lttng-stonesoup-0.1.jar -Dstonesoup.socket.lib.dir="$SS_TC_DEPS/java/stonesoup/socket" -Dstonesoup.hibernate.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/mysql" -Dstonesoup.hibernate.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/hibernate/postgres" -Dstonesoup.database.mysql.lib.dir="$SS_TC_DEPS/java/stonesoup/database/mysql" -Dstonesoup.database.postgres.lib.dir="$SS_TC_DEPS/java/stonesoup/database/postgres" -Dbin.lib.dir="$SS_TC_ROOT/$SS_TC_INSTALL" -Ddependencies.dir="$SS_TC_DEPS/java/jena" -Dstonesoup.lttng.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng" -Dstonesoup.lttng.dummy.lib.dir="$SS_TC_DEPS/java/stonesoup/lttng-dummy" jar
Environment variable defining test value.
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfcompare $SS_TC_ROOT/testData/good-01/example.xml $SS_TC_ROOT/testData/good-01/example2.xml RDF/XML RDF/XML
GOOD-01 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-01/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.sparql --data=$SS_TC_ROOT/testData/good-02/vc-db-1.rdf --query=$SS_TC_ROOT/testData/good-02/q1.rq
GOOD-02 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-02/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.sparql --data=$SS_TC_ROOT/testData/good-03/vc-db-1.rdf --query=$SS_TC_ROOT/testData/good-03/q-bp1.rq
GOOD-03 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-03/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfparse $SS_TC_ROOT/testData/good-04/example.xml
GOOD-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-04/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfcat -x $SS_TC_ROOT/testData/good-05/example.xml $SS_TC_ROOT/testData/good-05/example2.xml
GOOD-01 AND GOOD-02 AND GOOD-03 AND GOOD-04 AND GOOD-05 GOOD-06 AND GOOD-07 AND GOOD-08 AND GOOD-09 AND GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
<rdf:Description rdf:about="http://somewhere/RebeccaSmith/">
<vcard:N rdf:parseType="Resource">
<vcard:Family>Smith</vcard:Family>
<vcard:Given>Rebecca</vcard:Given>
</vcard:N>
<vcard:FN>Becky Smith</vcard:FN>
<vcard:N rdf:parseType="Resource">
<vcard:Family>Smith</vcard:Family>
<vcard:Given>Rebecca</vcard:Given>
</rdf:Description>
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.turtle --check --strict good-06/example1.ttl
GOOD-06-01 AND GOOD-06-02 AND GOOD-06-03 AND GOOD-06-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-06/output1.txt
good-06/output2.txt
good-06/output3.txt
good-06/output4.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.schemagen --includeSource --noheader -i good-07/example1.ttl
GOOD-07 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-07/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.rset --in XML --results text --file $SS_TC_ROOT/testData/good-08/results.xml
GOOD-08 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-08/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfcopy good-09/example1.ttl TURTLE RDF/XML
GOOD-09-01 AND GOOD-09-02 AND GOOD-09-03 AND GOOD-09-04 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-09/output1.txt
good-09/output2.txt
good-09/output3.txt
good-09/output4.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
NONE
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
arq.qexpr '5 != 20'
GOOD-10 AND NOT TIMEOUT AND NOT CONTROLLED_EXIT
good-10/output.txt
DOES_NOT_RETURN
CONTROLLED_EXIT
Environment variable defining test value.
READ_APPLICATION_DATA
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.rdfcopy good-09/example1.ttl TURTLE RDF/XML
weakness_started_PSjLMjBqnddHTQ00Ar4a AND ((NOT PERFORMER AND (etc_passwd_line_pattern_aqrTz2M5Ar OR etc_passwd_root_user_oBFi9dMYPm OR etc_group_line_pattern_0aQ9UFVQXm) AND NOT timeout_lxDSfe7iyD) or (PERFORMER AND NOT ((etc_passwd_line_pattern_aqrTz2M5Ar OR etc_passwd_root_user_oBFi9dMYPm OR etc_group_line_pattern_0aQ9UFVQXm) OR timeout_lxDSfe7iyD OR controlled_exit_PVKP2q2H5G)))
(NOT PERFORMER AND (etc_passwd_line_pattern_aqrTz2M5Ar OR etc_passwd_root_user_oBFi9dMYPm OR etc_group_line_pattern_0aQ9UFVQXm) AND NOT timeout_lxDSfe7iyD) or (PERFORMER AND NOT ((etc_passwd_line_pattern_aqrTz2M5Ar OR etc_passwd_root_user_oBFi9dMYPm OR etc_group_line_pattern_0aQ9UFVQXm) OR timeout_lxDSfe7iyD OR controlled_exit_PVKP2q2H5G))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
.+:.+:[0-9]+:[0-9]+:.+:.+:.*
logfile.txt
^root:.*
logfile.txt
.+:x:[0-9]+:
None
stonesoup_trace:weakness_start
Environment variable defining test value.
READ_APPLICATION_DATA
$SS_TC_ROOT/logs/execute/lttng
$SS_TC_DEPS/lib64/liblttng-stonesoup-java.so:$SS_TC_DEPS/lib64/liblttng-ust-fork.so
jena.schemagen --includeSource --noheader -i good-07/example1.ttl
weakness_started_a7fbmayOP4FtmpYYbfLc AND ((NOT PERFORMER AND (etc_passwd_line_pattern_wCbAfBRJaC OR etc_passwd_root_user_MPgAQlG1RW OR etc_group_line_pattern_B7c1e2mTyd) AND NOT timeout_dMndVKxr5c) or (PERFORMER AND NOT ((etc_passwd_line_pattern_wCbAfBRJaC OR etc_passwd_root_user_MPgAQlG1RW OR etc_group_line_pattern_B7c1e2mTyd) OR timeout_dMndVKxr5c OR controlled_exit_eHRAsI98ag)))
(NOT PERFORMER AND (etc_passwd_line_pattern_wCbAfBRJaC OR etc_passwd_root_user_MPgAQlG1RW OR etc_group_line_pattern_B7c1e2mTyd) AND NOT timeout_dMndVKxr5c) or (PERFORMER AND NOT ((etc_passwd_line_pattern_wCbAfBRJaC OR etc_passwd_root_user_MPgAQlG1RW OR etc_group_line_pattern_B7c1e2mTyd) OR timeout_dMndVKxr5c OR controlled_exit_eHRAsI98ag))
DOES_NOT_RETURN
CONTROLLED_EXIT
CONTINUED_EXECUTION
logfile.txt
.+:.+:[0-9]+:[0-9]+:.+:.+:.*
logfile.txt
^root:.*
logfile.txt
.+:x:[0-9]+:
None
stonesoup_trace:weakness_start