rabbit fix
Challenge Information
Project: shadowsocks
Type: full
Harnesses: 1
Vulnerabilities: 5
AFC Challenge Performance
Number of Unique Vulnerabilities Discovered: #
Number of Teams with Scoring PoVs: 5
Number of Teams with Scoring Patches: 4
Number of Teams with Scoring Bundles: 4
Total Points Scored for this Challenge: 77.19329653038471
What design decisions were considered for this challenge?
A mix of one-byte heap-based vulnerabilities.
Why this set of vulnerabilities?
These vulnerabilities enable denial of service by triggering a segmentation fault through one-byte heap over-reads.
Delta vs Full and why?
Full-scan challenge, to see whether all vulnerabilities could be patched.
Challenge Harnesses
- json_fuzz
Challenge SARIF Broadcast
Target .aixcc/vulns/shadowsocks-libev_0/vuln.yaml
SARIF is correct
PLACEHOLDER FOR SARIF
Challenge Vulnerabilities
Heap Buffer Over-read
Vulnerability Information
Author: Dan
Harness: json_fuzz
CWE Classification: CWE-126
What functions and functionality are relevant?
json_parse_ex() in src/json.c.
Why is this vulnerable?
“Buffer Over-read #0” is a one-byte heap-based “CWE-126 Buffer Over-read” in json_parse_ex().
Is this a replay and/or is inspired by anything?
This is not a replay.
What makes it interesting?
This vulnerability enables denial of service by triggering a segmentation fault through a one-byte heap over-read.
Heap Buffer Over-read
Vulnerability Information
Author: Dan
Harness: json_fuzz
CWE Classification: CWE-126
What functions and functionality are relevant?
json_parse_ex() in src/json.c.
Why is this vulnerable?
“Buffer Over-read #1” is a one-byte heap-based “CWE-126 Buffer Over-read” in json_parse_ex().
Is this a replay and/or is inspired by anything?
This is not a replay.
What makes it interesting?
This vulnerability enables denial of service by triggering a segmentation fault through a one-byte heap over-read.
Heap Buffer Over-read
Vulnerability Information
Author: Dan
Harness: json_fuzz
CWE Classification: CWE-126
What functions and functionality are relevant?
json_parse_ex() in src/json.c.
Why is this vulnerable?
“Buffer Over-read #2” is a one-byte heap-based “CWE-126 Buffer Over-read” in json_parse_ex().
Is this a replay and/or is inspired by anything?
This is not a replay.
What makes it interesting?
This vulnerability enables denial of service by triggering a segmentation fault through a one-byte heap over-read.
Heap Buffer Over-read
Vulnerability Information
Author: Dan
Harness: json_fuzz
CWE Classification: CWE-126
What functions and functionality are relevant?
json_parse_ex() in src/json.c.
Why is this vulnerable?
“Buffer Over-read #3” is a one-byte heap-based “CWE-126 Buffer Over-read” in json_parse_ex().
Is this a replay and/or is inspired by anything?
This is not a replay.
What makes it interesting?
This vulnerability enables denial of service by triggering a segmentation fault through a one-byte heap over-read.
Heap Buffer Over-read
Vulnerability Information
Author: Dan
Harness: json_fuzz
CWE Classification: CWE-126
What functions and functionality are relevant?
json_parse_ex() in src/json.c.
Why is this vulnerable?
“Buffer Over-read #4” is a one-byte heap-based “CWE-126 Buffer Over-read” in json_parse_ex().
Is this a replay and/or is inspired by anything?
This is not a replay.
What makes it interesting?
This vulnerability enables denial of service by triggering a segmentation fault through a one-byte heap over-read.
