Headline
CVE-2021-46481: Memory leaks in linenoise src/linenoise.c:1061 · Issue #55 · pcmacdon/jsish
Jsish v3.5.0 was discovered to contain a memory leak via linenoise at src/linenoise.c.
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Closed
hope-fly opened this issue
Dec 24, 2021
· 0 comments
Comments
Jsish revision
Commit: 9fa798e
Version: v3.5.0
Build platform
Ubuntu 18.04.5 LTS (Linux 5.4.0-44-generic x86_64)
Build steps
export CFLAGS=’-fsanitize=address’ make
Test case
var JSEtest = [ 'aa’, 'bb’, ‘hhh’ ]; try { Number.bind(console.input(‘listNum’ + JSEtest), 4)(); } catch (e) {}; try { (1 >> y).toFixed.bind(2, 4)(); } catch (e) {}; (1 >> y).toFixed.bind(2, 4)();
Execution steps & Output
$ ./jsish/jsish poc.js
listNum [object Object] /home/user/poc.js:10: error: apply Number.toFixed to a non-number object ERROR: ================================================================= ERROR: LeakSanitizer: detected memory leaks Direct leak of 1 byte(s) in 1 object(s) allocated from: #0 0x7f0e5412d538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538) #1 0x56523c6594ad in linenoise src/linenoise.c:1061 SUMMARY: AddressSanitizer: 1 byte(s) leaked in 1 allocation(s).
Credits: Found by OWL337 team.
1 participant