{
  "entrypoint_kind": "tcp_peer",
  "entrypoint_detail": "loopback TCP socket -> Driver.server(...) handshake (hixie-75/Draft75) -> draft75.parse()/_parseLeadingByte()/stage-1 length accumulator",
  "service_started": true,
  "healthcheck_passed": true,
  "target_path_reached": true,
  "runtime_stack": [
    "node",
    "net(TCP loopback)",
    "websocket-driver (Draft75/hixie-75 parser)"
  ],
  "proof_artifacts": [
    "logs/reproduction_steps.log",
    "logs/vuln_result.json",
    "logs/fixed_result.json",
    "logs/vuln_run.log",
    "logs/fixed_run.log",
    "logs/oracle_eval.txt"
  ],
  "notes": "Real loopback TCP peer exercised the published websocket-driver 0.7.4 (vulnerable) and 0.7.5 (fixed) Draft75 parser. Vulnerable build stays open and misframes the sentinel (stale message re-emit); fixed build closes on over-limit length header. Positive control delivered in both.",
  "vulnerable_version": "0.7.4",
  "fixed_version": "0.7.5",
  "vulnerable_events": [
    {
      "t": 1784199256357,
      "type": "open"
    },
    {
      "t": 1784199256358,
      "type": "message",
      "data": "POSITIVE-CTRL-OK"
    },
    {
      "t": 1784199256656,
      "type": "message",
      "data": "POSITIVE-CTRL-OK"
    }
  ],
  "fixed_events": [
    {
      "t": 1784199257591,
      "type": "open"
    },
    {
      "t": 1784199257591,
      "type": "message",
      "data": "POSITIVE-CTRL-OK"
    },
    {
      "t": 1784199257889,
      "type": "close"
    }
  ],
  "malicious_header_hex": "80ffffff7f",
  "computed_length": 268435455,
  "max_length": 67108863
}
