Iām a PhD student at UCSB SecLab, advised by Prof. Giovanni Vigna and Prof. Christopher Kruegel. My research mainly focus on improving software quality. I have successfully found more than 20 bugs in PDF readers such as Adobe Acrobat Reader and Foxit PDF Reader and and have assisted developers in fixing them. Additionally, I participated in CTFs as a member of Shellphish.
š„ News
- 2022.12: Ā šš One paper is accepted by ICSE 2023!
š Educations
- 2024.09 - now, Ph.D., Department of Computer Science, UC Santa Barbara.
š Publications
Operand-Variation-Oriented Differential Analysis for Fuzzing Binding Calls in PDF Readers
Suyue Guo, Xinyu Wang, Wei You, Bin Liang, Wenchang Shi, Yiwei Zhang, Jianjun Huang, Jian Zhang
- Artifact Evaluated with Reusable and Available badges.
š Honors and Awards
- 2020.11 National Scholarship(the highest honor for Chinese undergraduates).
- 2021 Defcon World Final 7th(with Nu1L Team).
I have found more than 20 bugs in the Javascript engine of PDF readers(e.g. Adobe Acrobat Reader and Foxit PDF Reader) and my work has been acknowledged by the vendors. You can find acknowledgement of me on bulletins of Adobe and Foxit.
| ID | Type | Product | Ref Link |
|---|---|---|---|
| CVE-2022-34234 | UAF | Adobe Acrobat Reader | APSB22-32 |
| CVE-2022-34873 | OOB Read | Foxit PDF Reader | ZDI-22-952 |
| CVE-2022-28682 | OOB Read | Foxit PDF Reader | ZDI-22-773 |
| CVE-2022-28683 | UAF | Foxit PDF Reader | ZDI-22-774 |
| CVE-2022-37379 | UAF | Foxit PDF Reader | ZDI-22-1051 |
| CVE-2022-37383 | OOB Read | Foxit PDF Reader | ZDI-22-1055 |
| CVE-2022-37380 | OOB Read | Foxit PDF Reader | ZDI-22-1052 |
| CVE-2022-37381 | Memory Corruption | Foxit PDF Reader | ZDI-22-1053 |
| CVE-2022-37350 | OOB Read | PDF-XChange Editor | ZDI-22-1078 |
| CVE-2022-37349 | OOB Read | PDF-XChange Editor | ZDI-22-1076 |
| CVE-2022-34874 | OOB Read | Foxit PDF Reader | ZDI-22-951 |
| CVE-2023-39487 | OOB Read | PDF-XChange Editor | ZDI-23-1126 |
| CVE-2023-27366 | UAF | Foxit PDF Reader | ZDI-23-494 |