CVE-2021-41683: stack-overflow in ecma_get_lex_env_type · Issue #4745 · jerryscript-project/jerryscript

There is a stack-overflow at ecma-helpers.c:326 in ecma_get_lex_env_type in JerryScript 2.4.0


JerryScript revision

Build platform

Ubuntu 20.04.2 LTS (Linux 5.11.0-25-generic x86_64)

Build steps

./tools/build.py --clean --debug --compile-flag=-fsanitize=address \
--compile-flag=-m32 --compile-flag=-fno-omit-frame-pointer \
--compile-flag=-fno-common --compile-flag=-g --strip=off \
--system-allocator=on --logging=on --linker-flag=-fuse-ld=gold \
--error-messages=on --profile=es2015-subset --stack-limit=20

Test case

// No base case: every call to the constructor constructs another Foo,
// so the interpreter recurses until the native stack is exhausted.
function Foo() {
  new Foo()
}
var o = new Foo();

Output

AddressSanitizer:DEADLYSIGNAL
=================================================================
==26122==ERROR: AddressSanitizer: stack-overflow on address 0xff793ffc (pc 0x5663300c bp 0xff794018 sp 0xff794000 T0)
    #0 0x5663300b in ecma_get_lex_env_type /home/jerryscript/jerry-core/ecma/base/ecma-helpers.c:326
    #1 0x567531ae in ecma_op_resolve_reference_value /home/jerryscript/jerry-core/ecma/operations/ecma-reference.c:293
    #2 0x566f4821 in vm_loop /home/jerryscript/jerry-core/vm/vm.c:1098
    #3 0x5671255e in vm_execute /home/jerryscript/jerry-core/vm/vm.c:5231
    #4 0x56712bf1 in vm_run /home/jerryscript/jerry-core/vm/vm.c:5338
    #5 0x56673029 in ecma_op_function_call_simple /home/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1130
    ...
    #241 0x566742ee in ecma_op_function_construct /home/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1572
    #242 0x566f3c87 in opfunc_construct /home/jerryscript/jerry-core/vm/vm.c:884
    #243 0x56712601 in vm_execute /home/jerryscript/jerry-core/vm/vm.c:5258
    #244 0x56712bf1 in vm_run /home/jerryscript/jerry-core/vm/vm.c:5338
    #245 0x56673029 in ecma_op_function_call_simple /home/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1130
    #246 0x566742ee in ecma_op_function_construct /home/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1572

SUMMARY: AddressSanitizer: stack-overflow /home/jerryscript/jerry-core/ecma/base/ecma-helpers.c:326 in ecma_get_lex_env_type
==26122==ABORTING
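The trace above shows the failure mode: unbounded JS recursion maps onto unbounded native recursion inside the VM (vm_run → ecma_op_function_call_simple → ... → ecma_get_lex_env_type), and the build was configured with --stack-limit=20, yet the process still died in a frame several calls below the function-call level. The usual guard in an interpreter is to record the stack position on entry and refuse to descend further once the distance from that position exceeds a configured budget, leaving headroom for the deepest native path that runs beneath the check. The following is an added, constructed C example of that guard, not JerryScript's code: the toy evaluator reproduces the no-base-case recursion of the test case, the 256-byte per-frame cost and the 256 KiB budget are arbitrary, and the stack-address measurement is one common technique, not a description of how JerryScript implements --stack-limit.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed example: a toy recursive evaluator with a native-stack budget.
 * Not JerryScript code; frame size and limit below are arbitrary choices. */

static uintptr_t stack_base;   /* stack address recorded when evaluation starts */
static size_t    stack_limit;  /* allowed growth in bytes before we refuse to recurse */

/* Address of a local gives the current stack position (approximately). */
static uintptr_t stack_pos(void)
{
    volatile char marker = 0;
    uintptr_t p = (uintptr_t)&marker;
    return p;
}

/* True once the distance from the recorded base exceeds the budget.
 * Absolute difference keeps this correct whether the stack grows down or up. */
static bool stack_exhausted(void)
{
    uintptr_t pos = stack_pos();
    size_t used = pos < stack_base ? (size_t)(stack_base - pos)
                                   : (size_t)(pos - stack_base);
    return used > stack_limit;
}

enum eval_status { EVAL_OK = 0, EVAL_STACK_LIMIT = 1 };

typedef struct {
    enum eval_status status;
    unsigned         depth;   /* deepest frame reached */
} eval_result;

/* Mirrors `function Foo() { new Foo() }`: every call constructs again with no
 * base case. The guard runs at frame entry, so the budget must leave room for
 * this frame's locals plus any callees below the check (as in the report,
 * where the crash landed in ecma_get_lex_env_type, not in the call operator). */
static enum eval_status construct_foo(unsigned depth, unsigned *max_depth)
{
    if (*max_depth < depth)
        *max_depth = depth;
    if (stack_exhausted())
        return EVAL_STACK_LIMIT;        /* bail out with an error, not SIGSEGV */

    /* Stand-in for the VM frame's locals so each level costs real stack. */
    volatile char frame[256];
    frame[0] = (char)depth;

    enum eval_status s = construct_foo(depth + 1, max_depth);
    (void)frame[0];                      /* keep the frame live; defeats tail-call elimination */
    return s;
}

/* Entry point: records the stack base, installs the budget, runs the evaluator. */
eval_result run_with_stack_limit(size_t limit_bytes)
{
    stack_base  = stack_pos();
    stack_limit = limit_bytes;
    unsigned depth = 0;
    enum eval_status st = construct_foo(0, &depth);
    eval_result r = { st, depth };
    return r;
}

int main(void)
{
    /* 256 KiB is far below the default 8 MiB main-thread stack on Linux,
     * so the guard fires long before the kernel would deliver SIGSEGV. */
    eval_result r = run_with_stack_limit(256 * 1024);
    printf("status=%s depth=%u\n",
           r.status == EVAL_STACK_LIMIT ? "stack limit reached" : "ok", r.depth);
    return 0;
}
```

Without the stack_exhausted() check this program terminates the same way the report does, with a stack-overflow signal rather than an engine error; with it, the evaluator returns EVAL_STACK_LIMIT and the host keeps control. When sizing the budget, measure against the deepest native path below the check rather than the frame that performs it.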
