ODDFUZZ: Discovering Java Deserialization Vulnerabilities via Structure-Aware Directed Greybox Fuzzing

Java deserialization vulnerability is a severe threat in practice. Researchers have proposed static analysis solutions to locate candidate vulnerabilities and fuzzing solutions to generate proof-of-concept (PoC) serialized objects to trigger them. However, existing solutions have limited effectiveness and efficiency. In this paper, we propose a novel hybrid solution ODDFUZZ to efficiently discover Java deserialization vulnerabilities. First, ODDFUZZ performs lightweight static taint analysis to identify candidate gadget chains that may cause deserialization vulner-abilities. In this step, ODDFUZZ tries to locate all candidates and avoid false negatives. Then, ODDFUZZ performs directed greybox fuzzing (DGF) to explore those candidates and generate PoC testcases to mitigate false positives. Specifically, ODDFUZZ applies a structure-aware seed generation method to guarantee the validity of the testcases, and adopts a novel hybrid feedback and a step-forward strategy to guide the directed fuzzing. We implemented a prototype of ODDFUZZ and evaluated it on the popular Java deserialization repository ysoserial. Results show that, ODDFUZZ could discover 16 out of 34 known gadget chains, while two state-of-the-art baselines only identify three of them. In addition, we evaluated ODDFUZZ on real-world applications including Oracle WebLogic Server, Apache Dubbo, Sonatype Nexus, and protostuff, and found six previously unreported exploitable gadget chains with five CVEs assigned.Comment: To appear in the Main Track of IEEE S&P 202

Phosphorus and Nitrogen Dual-Doped Few-Layered Porous Graphene: A High-Performance Anode Material for Lithium-Ion Batteries

Few-layered graphene networks composed of phosphorus and nitrogen dual-doped porous graphene (PNG) are synthesized via a MgO-templated chemical vapor deposition (CVD) using (NH₄)₃PO₄ as N and P source. P and N atoms have been substitutionally doped in graphene networks since the doping takes place at the same time with the graphene growth in the CVD process. Raman spectra show that the amount of defects or disorders increases after P and N atoms are incorporated into graphene frameworks. The doping levels of P and N measured by X-ray photoelectron spectroscopy are 0.6 and 2.6 at %, respectively. As anodes for Li ion batteries (LIBs), the PNG electrode exhibits high reversible capacity (2250 mA h g^–1 at the current density of 50 mA g^–1), excellent rate capability (750 mA h g^–1 at 1000 mA g^–1), and satisfactory cycling stability (no capacity decay after 1500 cycles), showing much enhanced electrode performance as compared to the undoped few-layered porous graphene. Our results show that the PNG is a promising candidate for anode materials in high-rate LIBs

Does joint-sparing tumor resection jeopardize oncologic and functional outcomes in non-metastatic high-grade osteosarcoma around the knee?

Abstract Background We previously reported joint-sparing tumor resection for osteosarcoma with epiphyseal involvement in which transepiphyseal osteotomy went through the in situ ablated epiphysis. However, we do not know whether this is a safe approach when compared with joint-sacrificed tumor resection. Our objective was to compare oncologic and functional outcomes between patients who underwent joint preservation (JP) and joint replacement (JR) tumor resection. Furthermore, we identified the risk factors of local recurrence, metastasis and survival. Methods Eighty-nine patients with non-metastatic high-grade osteosarcoma around the knee were treated with limb-salvage surgery (JP in 47 and JR in 42). Age, gender, tumor location, pathologic fracture, plain radiographic pattern, limb diameter change, perivascular space alteration, surgical margin, local recurrence, metastasis, death, and the Musculoskeletal Tumor Society (MSTS)-93 scores were extracted from the records. Univariate analysis was performed to compare oncologic and functional outcomes. Binary logistic and cox regression models were used to identify predicted factors for local recurrence, metastasis, and survival. Results Local recurrence, metastasis and overall survival were similar in the JP and JR group (p = 0.3; p = 0.211; p = 0.143). Major complications and limb survival were also similar in the JR and JP group (p = 0.14; p = 0.181). The MSTS score of 27.06 ± 1.77 in the JP group was higher than that of 25.88 ± 1.79 in the JR group (p = 0.005). The marginal margin of soft tissue compared with a wide margin was the only independent predictor of local recurrence (p = 0.006). Limb diameter increase and perivascular fat plane disappearance during neoadjuvant chemotherapy were independent predictors for metastasis (p = 0.002; p = 0.000) and worse survival (p = 0.000; p = 0.001). Conclusions Joint-sparing tumor resection with the ablative bone margin offers advantage of native joint preservation with favorable functional outcomes while not jeopardizing oncologic outcomes compared with joint-sacrificed tumor resection. Surgeon should strive to obtain adequate soft tissue surgical margin decreasing risk of local recurrence. Novel drug regimens might be reasonable options for patients with obvious limb diameter increase and perivascular fat disappearance during chemotherapy

Protocol for a gallbladder cancer registry study in China: the Chinese Research Group of Gallbladder Cancer (CRGGC) study

Introduction Gallbladder cancer (GBC), the sixth most common gastrointestinal tract cancer, poses a significant disease burden in China. However, no national representative data are available on the clinical characteristics, treatment and prognosis of GBC in the Chinese population.Methods and analysis The Chinese Research Group of Gallbladder Cancer (CRGGC) study is a multicentre retrospective registry cohort study. Clinically diagnosed patient with GBC will be identified from 1 January 2008 to December, 2019, by reviewing the electronic medical records from 76 tertiary and secondary hospitals across 28 provinces in China. Patients with pathological and radiological diagnoses of malignancy, including cancer in situ, from the gallbladder and cystic duct are eligible, according to the National Comprehensive Cancer Network 2019 guidelines. Patients will be excluded if GBC is the secondary diagnosis in the discharge summary. The demographic characteristics, medical history, physical examination results, surgery information, pathological data, laboratory examination results and radiology reports will be collected in a standardised case report form. By May 2021, approximately 6000 patient with GBC will be included. The clinical follow-up data will be updated until 5 years after the last admission for GBC of each patient. The study aimed (1) to depict the clinical characteristics, including demographics, pathology, treatment and prognosis of patient with GBC in China; (2) to evaluate the adherence to clinical guidelines of GBC and (3) to improve clinical practice for diagnosing and treating GBC and provide references for policy-makers.Ethics and dissemination The protocol of the CRGGC has been approved by the Committee for Ethics of Xinhua Hospital, Shanghai Jiao Tong University School of Medicine (SHEC-C-2019–085). All results of this study will be published in peer-reviewed journals and presented at relevant conferences.Trial registration number NCT04140552, Pre-results