You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Thank you for this challenging and useful dataset. After reviewing some of the php bugs manually, I currently believe
MAE006 appears to be untriggerable with the current harness. The harness sets read_thumbnail=0. Consequently, ImageInfo.Thumbnail.data remains 0 and hence, the logical AND of MAE006 short circuits. Moreover, this effect results in an early exit from exif_scan_thumbnail; this likely explains why bugs MAE010 and MAE015 have never been reached.
MAE004 can be triggered by the current harness, but it is not detected by Magma. The bug condition relies on an architecture-dependent SIZE_MAX. Since dir_offset is a 32-bit value, the detection logic fails. The original bug report here confirms this property.
I am happy to provide POCs for demonstrability of both.
Given this information, should these bugs be moved to the graveyard or should the harnesses be fixed? What do you think?
The text was updated successfully, but these errors were encountered:
Thank you for this challenging and useful dataset. After reviewing some of the
phpbugs manually, I currently believeMAE006appears to be untriggerable with the current harness. The harness setsread_thumbnail=0. Consequently,ImageInfo.Thumbnail.dataremains 0 and hence, the logical AND of MAE006 short circuits. Moreover, this effect results in an early exit fromexif_scan_thumbnail; this likely explains why bugsMAE010andMAE015have never been reached.MAE004can be triggered by the current harness, but it is not detected by Magma. The bug condition relies on an architecture-dependentSIZE_MAX. Sincedir_offsetis a 32-bit value, the detection logic fails. The original bug report here confirms this property.I am happy to provide POCs for demonstrability of both.
Given this information, should these bugs be moved to the graveyard or should the harnesses be fixed? What do you think?
The text was updated successfully, but these errors were encountered: