results.sarif

{
  "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
  "version": "2.1.0",
  "runs": [
    {
      "tool": {
        "driver": {
          "name": "cifuzz",
          "rules": [
            {
              "id": "heap_buffer_overflow",
              "name": "Heap Buffer Overflow",
              "shortDescription": {
                "text": "Heap Buffer Overflow"
              },
              "fullDescription": {
                "text": "A heap buffer overflow is a type of a memory corruption vulnerability that is widely used for different types of attacks. A successful heap buffer overflow attack can be used to read sensitive data in memory, or write and execute code in it."
              },
              "help": {
                "text": "A heap buffer overflow is a type of a memory corruption vulnerability that is widely used for different types of attacks. A successful heap buffer overflow attack can be used to read sensitive data in memory, or write and execute code in it.\n\nA programmer can follow the following guidelines to help avoid buffer overflows: When using functions which copy a given size from memory, ensure that the target buffer has a size large enough for the amount of data to be copied. Always make sure to access the buffer within its defined boundaries, checking on each access."
              },
              "properties": {
                "id": "",
                "kind": "",
                "name": "",
                "problem": {
                  "severity": "error"
                },
                "problem.severity": "error",
                "security-severity": "9.0"
              }
            }
          ]
        }
      },
      "results": [
        {
          "ruleId": "heap_buffer_overflow",
          "message": {
            "text": "Heap Buffer Overflow \"philosophical_panther\" found in src/explore_me.cpp:18:11\n \nCrashing input (base64): RlVaWklORwD/29tb3dvb\n \nStack trace:\n1: exploreMe   (src/explore_me.cpp:18:11)\n2: LLVMFuzzerTestOneInputNoReturn   (cifuzz-spark/fuzz_exploreMe.cpp:19:3)\n"
          },
          "locations": [
            {
              "physicalLocation": {
                "artifactLocation": {
                  "uri": "src/explore_me.cpp"
                },
                "region": {
                  "startLine": 18,
                  "endLine": 18,
                  "startColumn": 11,
                  "endColumn": 11
                }
              }
            }
          ],
          "partialFingerprints": {
            "primaryLocationLineHash": "philosophical_panther"
          }
        }
      ]
    }
  ]
}