---
title: Rebuttal
tags: Project_SynthDB
---
# To do List
### <mark>Discuss</mark>
- [x] Schema constraints:
Need clearly distinguishable terms: either define all terms anew or borrow all of them from established terminology
[Oracle](https://docs.oracle.com/cd/B19306_01/server.102/b14220/data_int.htm)
CHECK, NOT NULL, UNIQUE KEY, PRIMARY KEY, FOREIGN KEY
Current: (1) Schema Constraints, (2) Query-condition Constraints, (3) Pre-query Constraints, (4) Post-query Constraints, and (5) Synchronized-query Constraint
### Application Selection
* Selection of PHP application
* Application selection criteria
- [x] Popular PHP applications (at least 1k stars on GitHub) from different categories: Opencart (eCommerce), PhpBB (forum), WordPress (CMS), HotCRP (chosen by many security research studies)? MediaWiki (3k stars)? <mark>(~7/22)</mark>
- [x] S15-phpBB-2.0.23 needs to be replaced with phpBB3 <mark>(~7/22)</mark>
- [x] s1,s2,s6,s9 from the previous study: [link](https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-alhuzali.pdf)
- [x] s1,s2,s5 from the previous study: [link](https://dl.acm.org/doi/abs/10.1145/2635868.2635928?casa_token=_3m52k68AD4AAAAA:NaZAmTBg0u7sdrhrSaxG_E-OE40xvi9_GkWLYbuVPVOxpJZg_DzBOTze05OkBCe8-JLxL6L797wtOBE)
- [x] S12 from the previous study: [link](https://link.springer.com/chapter/10.1007/978-3-030-88418-5_8)
- [x] Include newer versions: WP 6.0.1, opencart 4.0.0, PHPBB 3.3.8 <mark>(~7/22)</mark>
* Credibility of PHP applications
- [ ] Provide the credibility of selected applications: <mark>(~7/22)</mark>
- s3-Ecom-site, s4-Onlineshop, s7-Doctor-Appointment, s8-Hotel-Management-System, s10-Webwars
* Use "the number of SQL queries in the code" as an additional criterion and do not expand further
- [ ] List popular GitHub PHP applications with little or no DB interaction <mark>(~7/22)</mark>
### Detail of the Concolic execution engine
- [x] How the concolic execution engine operates
- [ ] Provide the implications of Z3 solver shortcomings to the experiments of this paper
- [ ] which condition may not have been solved <mark>(~7/24)</mark>
- [ ] how many were not actually solved <mark>(~7/24)</mark>
- SMT solvers may struggle to solve
- [x] How does SynthDB handle the presence of security tokens?
--> We don't consider malicious behavior during the generation of the testing DB
### Unsupported SQL features
- [ ] Extend the keyword list and explain all keywords <mark>(~7/25)</mark>
- [ ] Table for each application listing which keywords are used (App1, GROUP BY 20, SELECT xxx, ...) <mark>(~7/25)</mark>
### Experiment
- [x] Include results of two applications (ownCloud, Nextcloud) in Table 1 <mark>(~7/24)</mark>
- [x] Include additional results in Table 5 (why the reachability test stops at s13)
- [ ] Include security or potential-vulnerability related results
### Dynamic database schema changes
- WordPress allows plugins to be installed and activated at runtime.
--> We only focus on the core functionality of WordPress
- Plugins need to persist data and can modify the database with new tables.
- [ ] rerun the tool for each installation of the plugins
### Writing
- [ ] Provide detailed algorithm (Appendix D)
- [ ] uncommented algorithm
- [x] algorithm is updated
- [ ] The current presentation of how SynthDB operates is still partial and unsystematic
- [x] How were the PHP applications selected?
### Other
- [x] update Tables I, III, IV.
- [x] remove low credibility apps.
### Typo, Minor note
- [ ] Table 6 appears after Table 7.
- [ ] Figure 3: "Z3 solver". move this to the main text.
### Review
* [Summer review](https://sec23summer.usenix.hotcrp.com/paper/461)
* [Major revision review](https://sec22fall.usenix.hotcrp.com/paper/520)