Add image of OpenSSL bug (#10850)

google · Aug 16, 2023 · 2e1b3b5 · 2e1b3b5
1 parent b27de28
commit 2e1b3b5
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/docs/images/punycode.png b/docs/images/punycode.png
diff --git a/docs/research/target_generation.md b/docs/research/target_generation.md
@@ -203,7 +203,9 @@ The best result we’ve had is with the TinyXML2 project, where we managed to in
 ![alt_text]({{ site.baseurl }}/images/tinyxml2_examples.png "image_tooltip")
 
 
-Additionally, we targeted OpenSSL from the perspective of discovering past vulnerabilities that were not found due to lack of fuzzing coverage. We were able to replicate [a similar fuzz target](https://storage.googleapis.com/oss-fuzz-llm-targets-public/openssl-ossl_punycode_decode/targets/15.c) that rediscovered [CVE-2022-3602](https://nvd.nist.gov/vuln/detail/CVE-2022-3602). 
+Additionally, we targeted OpenSSL from the perspective of discovering past vulnerabilities that were not found due to lack of fuzzing coverage. We were able to replicate [a similar fuzz target](https://storage.googleapis.com/oss-fuzz-llm-targets-public/openssl-ossl_punycode_decode/targets/15.c) that rediscovered [CVE-2022-3602](https://nvd.nist.gov/vuln/detail/CVE-2022-3602).
+
+![alt_text]({{ site.baseurl }}/images/punycode.png "Stacktrace from LLM-generated target finding CVE-2022-3602")
 
 
 # Future work