GraphicsMagick 1.3.32 update fixes vulnerabilities

A new release of the image processing and conversion package GraphicsMagick 1.3.32 has been published, fixing 52 potential vulnerabilities found during fuzz testing by the OSS-Fuzz project.

In total, since February 2018, OSS-Fuzz has identified 343 problems, of which 331 have been fixed in GraphicsMagick (for the remaining 12, the 90-day fix period has not yet expired). Separately, it is noted that OSS-Fuzz is also used to check the related project ImageMagick, in which more than 100 problems currently remain unfixed; information about them is already publicly available because the time allowed for a fix has expired.

In addition to the potential problems identified by the OSS-Fuzz project, GraphicsMagick 1.3.32 also fixes 14 vulnerabilities in the processing of specially crafted images in the SVG, BMP, DIB, MIFF, MAT, MNG, TGA, TIFF, WMF and XWD formats. Non-security improvements include extended WebP support and the ability to write images in Braille format for viewing by blind users.

Also noted is the removal from GraphicsMagick 1.3.32 of a feature that could be used to leak data. The problem concerns the handling of the "@filename" notation for the SVG and WMF formats, which allows text contained in the specified file to be drawn over the image or included in its metadata. Potentially, if web applications do not properly validate input parameters, attackers could use this feature to obtain the contents of files from the server, for example access keys and stored passwords. The problem also occurs in ImageMagick.
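
The input validation mentioned above can be approximated for SVG uploads with a pre-filter that runs before the file reaches the converter. This is an added example, not code from GraphicsMagick or from the original article; the function names are hypothetical and WMF (a binary format) is not covered. Assumption: the article does not say which parts of an SVG carry the "@filename" notation, so the filter conservatively checks every text node and attribute value.

```python
import xml.etree.ElementTree as ET

# Constructed sample inputs (not taken from the release notes or any real report).
CLEAN_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg">'
             b'<text x="10" y="20">user@example.org</text></svg>')
SUSPECT_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg">'
               b'<text x="10" y="20">  @constructed/placeholder.txt</text></svg>')


def find_at_references(svg_bytes):
    """Return (location, value) pairs for values that begin with '@'."""
    # Refuse DTDs up front: entity declarations could be used to hide the
    # leading '@' from a naive scan and also enable entity-expansion abuse.
    if b"<!DOCTYPE" in svg_bytes or b"<!ENTITY" in svg_bytes:
        raise ValueError("DTD/entity declarations are refused before parsing")
    root = ET.fromstring(svg_bytes)
    hits = []
    for elem in root.iter():
        tag = elem.tag.rsplit("}", 1)[-1]  # drop the XML namespace prefix
        # Assumption: any text node may be treated as "@filename", so both the
        # element text and the tail text that follows it are checked.
        for kind, value in (("text", elem.text), ("tail", elem.tail)):
            if value and value.lstrip().startswith("@"):
                hits.append((f"<{tag}> {kind}", value.strip()))
        for name, value in elem.attrib.items():
            if value.lstrip().startswith("@"):
                hits.append((f"<{tag}> attribute {name}", value.strip()))
    return hits


def is_safe_to_convert(svg_bytes):
    """Fail closed: unparseable or DTD-bearing input is treated as unsafe."""
    try:
        return not find_at_references(svg_bytes)
    except (ValueError, ET.ParseError):
        return False


if __name__ == "__main__":
    for label, data in (("clean", CLEAN_SVG), ("suspect", SUSPECT_SVG)):
        print(label, is_safe_to_convert(data), find_at_references(data))
```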

Source: opennet.ru
