In the first message there is a typo in the PoC for vulnerability #2. Where it reads:

### 2.1 Steps to reproduce

`rapper -i turtle heap_read_overflow.poc`

Contents of `heap_read_overflow.poc`:

```
_:/exaple/o
```


It should read:

### 2.1 Steps to reproduce

`rapper -i nquads heap_read_overflow.poc`

Contents of `heap_read_overflow.poc`:

```
_:/exaple/o
```

This second vulnerability is in the nquads parser, not the turtle parser like the
first one.



I've verified both vulnerabilities are still open and the PoCs work on the 
latest git e4285ae. I have published the write-up / PoC at my 
repo https://github.com/pedrib/PoC/blob/master/fuzzing/raptor-fuzz.md and I have 
also requested a CVE; I will update here when CVE numbers are issued.


Regards,
Pedro
