mirror of https://github.com/google/oss-fuzz.git
Add image of OpenSSL bug (#10850)
This commit is contained in:
parent
b27de28c78
commit
2e1b3b5773
Binary file not shown.
After Width: | Height: | Size: 307 KiB |
|
@ -205,6 +205,8 @@ The best result we’ve had is with the TinyXML2 project, where we managed to in
|
||||||
|
|
||||||
Additionally, we targeted OpenSSL from the perspective of discovering past vulnerabilities that were not found due to lack of fuzzing coverage. We were able to replicate [a similar fuzz target](https://storage.googleapis.com/oss-fuzz-llm-targets-public/openssl-ossl_punycode_decode/targets/15.c) that rediscovered [CVE-2022-3602](https://nvd.nist.gov/vuln/detail/CVE-2022-3602).
|
Additionally, we targeted OpenSSL from the perspective of discovering past vulnerabilities that were not found due to lack of fuzzing coverage. We were able to replicate [a similar fuzz target](https://storage.googleapis.com/oss-fuzz-llm-targets-public/openssl-ossl_punycode_decode/targets/15.c) that rediscovered [CVE-2022-3602](https://nvd.nist.gov/vuln/detail/CVE-2022-3602).
|
||||||
|
|
||||||
|
![alt_text]({{ site.baseurl }}/images/punycode.png "Stacktrace from LLM-generated target finding CVE-2022-3602")
|
||||||
|
|
||||||
|
|
||||||
# Future work
|
# Future work
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue