{
"schema": "ground-truth-v1",
"sampleId": "sample:native:stripped-elf:001",
"generatedAt": "2025-12-13T12:00:00Z",
"generator": {
"name": "manual-annotation",
"version": "1.0.0",
"annotator": "scanner-guild"
},
"targets": [
{
"symbolId": "sym:binary:ossl_punycode_decode",
"display": "ossl_punycode_decode",
"purl": "pkg:deb/ubuntu/openssl@3.0.2?arch=amd64",
"expected": {
"latticeState": "SR",
"bucket": "direct",
"reachable": true,
"confidence": 0.85,
"pathLength": 4,
"path": [
"sym:binary:_start",
"sym:binary:main",
"sym:binary:SSL_connect",
"sym:binary:ossl_punycode_decode"
]
},
"reasoning": "ossl_punycode_decode is reachable via SSL certificate validation during SSL_connect; confidence is lowered because the binary is stripped and the analysis relies on heuristics"
},
{
"symbolId": "sym:binary:sub_401000",
"display": "sub_401000 (heuristic function)",
"purl": "pkg:generic/app@1.0.0",
"expected": {
"latticeState": "U",
"bucket": "unknown",
"reachable": null,
"confidence": 0.4,
"pathLength": null,
"path": null
},
"reasoning": "Stripped symbol detected by heuristic CFG analysis - function boundaries uncertain"
}
],
"entryPoints": [
{
"symbolId": "sym:binary:_start",
"display": "_start",
"phase": "load",
"source": "e_entry"
},
{
"symbolId": "sym:binary:main",
"display": "main",
"phase": "runtime",
"source": "symbol"
},
{
"symbolId": "init:binary:0x401000",
"display": "DT_INIT_ARRAY[0]",
"phase": "init",
"source": "DT_INIT_ARRAY"
}
],
"expectedUncertainty": {
"states": [
{
"code": "U1",
"entropy": 0.35
}
],
"aggregateTier": "T2",
"riskScore": 0.25
},
"expectedGateDecisions": [
{
"vulnId": "CVE-2022-3602",
"targetSymbol": "sym:binary:ossl_punycode_decode",
"requestedStatus": "not_affected",
"expectedDecision": "block",
"expectedBlockedBy": "LatticeState",
"expectedReason": "SR state blocks not_affected - static analysis shows reachability"
},
{
"vulnId": "CVE-2022-3602",
"targetSymbol": "sym:binary:ossl_punycode_decode",
"requestedStatus": "affected",
"expectedDecision": "warn",
"expectedReason": "T2 uncertainty tier requires review for affected status"
},
{
"vulnId": "CVE-2022-3602",
"targetSymbol": "sym:binary:sub_401000",
"requestedStatus": "not_affected",
"expectedDecision": "block",
"expectedBlockedBy": "UncertaintyTier",
"expectedReason": "Unknown state with U1 uncertainty blocks not_affected without justification"
}
]
}