{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2021:Z2PQMRT2OPQJTSZE2TED476K6P","short_pith_number":"pith:Z2PQMRT2","canonical_record":{"source":{"id":"2104.10466","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2021-04-21T11:30:04Z","cross_cats_sorted":["cs.SY","eess.SY"],"title_canon_sha256":"dbb3581472efcc2b44ae43e7147ddd4562f551e65d35da12b59265b3bede4511","abstract_canon_sha256":"d3f39f51f856ba372f3025a641ec77d88c69bf525655f85db47df19e74a3ec0f"},"schema_version":"1.0"},"canonical_sha256":"ce9f06467a73e099cb24d4c83e7fcaf3ec6a1e4d387dec6426b21c9d1226a6e5","source":{"kind":"arxiv","id":"2104.10466","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"2104.10466","created_at":"2026-07-05T02:34:02Z"},{"alias_kind":"arxiv_version","alias_value":"2104.10466v1","created_at":"2026-07-05T02:34:02Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.2104.10466","created_at":"2026-07-05T02:34:02Z"},{"alias_kind":"pith_short_12","alias_value":"Z2PQMRT2OPQJ","created_at":"2026-07-05T02:34:02Z"},{"alias_kind":"pith_short_16","alias_value":"Z2PQMRT2OPQJTSZE","created_at":"2026-07-05T02:34:02Z"},{"alias_kind":"pith_short_8","alias_value":"Z2PQMRT2","created_at":"2026-07-05T02:34:02Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2021:Z2PQMRT2OPQJTSZE2TED476K6P","target":"record","payload":{"canonical_record":{"source":{"id":"2104.10466","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2021-04-21T11:30:04Z","cross_cats_sorted":["cs.SY","eess.SY"],"title_canon_sha256":"dbb3581472efcc2b44ae43e7147ddd4562f551e65d35da12b59265b3bede4511","abstract_canon_sha256":"d3f39f51f856ba372f3025a641ec77d88c69bf525655f85db47df19e74a3ec0f"},"schema_version":"1.0"},"canonical_sha256":"ce9f06467a73e099cb24d4c83e7fcaf3ec6a1e4d387dec6426b21c9d1226a6e5","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-07-05T02:34:02.739726Z","signature_b64":"o00RKvUsRKRSN/Ntdw6L3FVsOqQT3aDOPoRcsXSOfYuk8xjWfyp71SCAxgyrtR1AuPffmFoutxRapQcPf8SWAQ==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"ce9f06467a73e099cb24d4c83e7fcaf3ec6a1e4d387dec6426b21c9d1226a6e5","last_reissued_at":"2026-07-05T02:34:02.739251Z","signature_status":"signed_v1","first_computed_at":"2026-07-05T02:34:02.739251Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"2104.10466","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-07-05T02:34:02Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"AkTgtZUEIjfj03MBaIaa9u2a7eXwjEI4xErOk9L/AIMAQJ3XRN7GBZX4BOwLsGV3p/tTRNBF2fflNQSEJgGoDA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-07-06T23:09:05.352430Z"},"content_sha256":"da32c220357c80ff3613c15a0093c7abe4492d3a55ea58d117262f2509240b0d","schema_version":"1.0","event_id":"sha256:da32c220357c80ff3613c15a0093c7abe4492d3a55ea58d117262f2509240b0d"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2021:Z2PQMRT2OPQJTSZE2TED476K6P","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"HDR-Fuzz: Detecting Buffer Overruns using AddressSanitizer Instrumentation and Fuzzing","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":["cs.SY","eess.SY"],"primary_cat":"cs.SE","authors_text":"Malathy Nagalakshmi, Raghavan Komondoor, Raveendra Kumar Medicherla, Tanya Sharma","submitted_at":"2021-04-21T11:30:04Z","abstract_excerpt":"Buffer-overruns are a prevalent vulnerability in software libraries and applications. Fuzz testing is one of the effective techniques to detect vulnerabilities in general. Greybox fuzzers such as AFL automatically generate a sequence of test inputs for a given program using a fitness-guided search process. A recently proposed approach in the literature introduced a buffer-overrun specific fitness metric called \"headroom\", which tracks how close each generated test input comes to exposing the vulnerabilities. That approach showed good initial promise, but is somewhat imprecise and expensive due"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"2104.10466","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"integrity":{"clean":true,"summary":{"advisory":0,"critical":0,"by_detector":{},"informational":0},"endpoint":"/pith/2104.10466/integrity.json","findings":[],"available":true,"detectors_run":[],"snapshot_sha256":"c28c3603d3b5d939e8dc4c7e95fa8dfce3d595e45f758748cecf8e644a296938"},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-07-05T02:34:02Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"CliOTLwpb78AFp6HlMHZUfigDnLris8y6ZjLoOu04qAlOs2R47kNPYrZCP9lqw2TxUjjX85KSI1wLt3i4QOpCQ==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-07-06T23:09:05.352997Z"},"content_sha256":"085752c998c4761030719efe3cf36346814557089a9d802928abc636ab756a56","schema_version":"1.0","event_id":"sha256:085752c998c4761030719efe3cf36346814557089a9d802928abc636ab756a56"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/Z2PQMRT2OPQJTSZE2TED476K6P/bundle.json","state_url":"https://pith.science/pith/Z2PQMRT2OPQJTSZE2TED476K6P/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/Z2PQMRT2OPQJTSZE2TED476K6P/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-07-06T23:09:05Z","links":{"resolver":"https://pith.science/pith/Z2PQMRT2OPQJTSZE2TED476K6P","bundle":"https://pith.science/pith/Z2PQMRT2OPQJTSZE2TED476K6P/bundle.json","state":"https://pith.science/pith/Z2PQMRT2OPQJTSZE2TED476K6P/state.json","well_known_bundle":"https://pith.science/.well-known/pith/Z2PQMRT2OPQJTSZE2TED476K6P/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2021:Z2PQMRT2OPQJTSZE2TED476K6P","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"d3f39f51f856ba372f3025a641ec77d88c69bf525655f85db47df19e74a3ec0f","cross_cats_sorted":["cs.SY","eess.SY"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2021-04-21T11:30:04Z","title_canon_sha256":"dbb3581472efcc2b44ae43e7147ddd4562f551e65d35da12b59265b3bede4511"},"schema_version":"1.0","source":{"id":"2104.10466","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"2104.10466","created_at":"2026-07-05T02:34:02Z"},{"alias_kind":"arxiv_version","alias_value":"2104.10466v1","created_at":"2026-07-05T02:34:02Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.2104.10466","created_at":"2026-07-05T02:34:02Z"},{"alias_kind":"pith_short_12","alias_value":"Z2PQMRT2OPQJ","created_at":"2026-07-05T02:34:02Z"},{"alias_kind":"pith_short_16","alias_value":"Z2PQMRT2OPQJTSZE","created_at":"2026-07-05T02:34:02Z"},{"alias_kind":"pith_short_8","alias_value":"Z2PQMRT2","created_at":"2026-07-05T02:34:02Z"}],"graph_snapshots":[{"event_id":"sha256:085752c998c4761030719efe3cf36346814557089a9d802928abc636ab756a56","target":"graph","created_at":"2026-07-05T02:34:02Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"integrity":{"available":true,"clean":true,"detectors_run":[],"endpoint":"/pith/2104.10466/integrity.json","findings":[],"snapshot_sha256":"c28c3603d3b5d939e8dc4c7e95fa8dfce3d595e45f758748cecf8e644a296938","summary":{"advisory":0,"by_detector":{},"critical":0,"informational":0}},"paper":{"abstract_excerpt":"Buffer-overruns are a prevalent vulnerability in software libraries and applications. Fuzz testing is one of the effective techniques to detect vulnerabilities in general. Greybox fuzzers such as AFL automatically generate a sequence of test inputs for a given program using a fitness-guided search process. A recently proposed approach in the literature introduced a buffer-overrun specific fitness metric called \"headroom\", which tracks how close each generated test input comes to exposing the vulnerabilities. That approach showed good initial promise, but is somewhat imprecise and expensive due","authors_text":"Malathy Nagalakshmi, Raghavan Komondoor, Raveendra Kumar Medicherla, Tanya Sharma","cross_cats":["cs.SY","eess.SY"],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2021-04-21T11:30:04Z","title":"HDR-Fuzz: Detecting Buffer Overruns using AddressSanitizer Instrumentation and Fuzzing"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"2104.10466","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:da32c220357c80ff3613c15a0093c7abe4492d3a55ea58d117262f2509240b0d","target":"record","created_at":"2026-07-05T02:34:02Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"d3f39f51f856ba372f3025a641ec77d88c69bf525655f85db47df19e74a3ec0f","cross_cats_sorted":["cs.SY","eess.SY"],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.SE","submitted_at":"2021-04-21T11:30:04Z","title_canon_sha256":"dbb3581472efcc2b44ae43e7147ddd4562f551e65d35da12b59265b3bede4511"},"schema_version":"1.0","source":{"id":"2104.10466","kind":"arxiv","version":1}},"canonical_sha256":"ce9f06467a73e099cb24d4c83e7fcaf3ec6a1e4d387dec6426b21c9d1226a6e5","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"ce9f06467a73e099cb24d4c83e7fcaf3ec6a1e4d387dec6426b21c9d1226a6e5","first_computed_at":"2026-07-05T02:34:02.739251Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-07-05T02:34:02.739251Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"o00RKvUsRKRSN/Ntdw6L3FVsOqQT3aDOPoRcsXSOfYuk8xjWfyp71SCAxgyrtR1AuPffmFoutxRapQcPf8SWAQ==","signature_status":"signed_v1","signed_at":"2026-07-05T02:34:02.739726Z","signed_message":"canonical_sha256_bytes"},"source_id":"2104.10466","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:da32c220357c80ff3613c15a0093c7abe4492d3a55ea58d117262f2509240b0d","sha256:085752c998c4761030719efe3cf36346814557089a9d802928abc636ab756a56"],"state_sha256":"88e77090cd1cc3d85b20df1542b6ad9447b6733c3cb5dd035e77d554258dbe3b"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"kiq58ijzW9tegjzg7b3OFr/CfQLYeqaFew41bVxjb3fjSnzxEMCKznsn4GcXQiO8w+IIWDkyfIEryiHA/KVIDg==","signed_message":"bundle_sha256_bytes","signed_at":"2026-07-06T23:09:05.355037Z","bundle_sha256":"ff722154d0d09ee2f3fe40a6b4d2ef5cd21874f26f3f26113503b4870fb139b4"}}