
CVE-2023-30414: segmentation fault in jerryscript · Issue #5051 · jerryscript-project/jerryscript

JerryScript commit 1a2c047 was discovered to contain a stack overflow via the component vm_loop at /jerry-core/vm/vm.c.

Open · zhunki opened this issue Mar 14, 2023 · 1 comment


The following JS causes a segmentation fault in JerryScript.

function test(){
    function f(){
        var f = test();
        h = f(); 
    }
    return f;
}
let a = test();
c = a();

JerryScript revision

1a2c047

Build platform

Ubuntu Lunar Lobster (development branch) (Linux 5.15.0-67-generic x86_64)

Build steps

python3 tools/build.py --builddir=asan --compile-flag=-fno-omit-frame-pointer --compile-flag=-fsanitize=address --compile-flag=-fno-optimize-sibling-calls --compile-flag=-g --strip=OFF

Test case

function test(){
    function f(){
        var f = test();
        h = f();
    }
    return f;
}
let a = test();
c = a();

Execution steps

./build/bin/jerry  test.js

Output

segmentfault

Backtrace

==51718==ERROR: AddressSanitizer: stack-overflow on address 0x7ffd01b29ff8 (pc 0x5596f1c550b6 bp 0x7ffd01b2a3e0 sp 0x7ffd01b29fe0 T0)
    #0 0x5596f1c550b6 in vm_loop /home/zxw/jerryscript/jerry-core/vm/vm.c:970
    #1 0x5596f1c676fd in vm_execute /home/zxw/jerryscript/jerry-core/vm/vm.c:5211
    #2 0x5596f1c55050 in vm_run /home/zxw/jerryscript/jerry-core/vm/vm.c:5312
    #3 0x5596f1c1aafc in ecma_op_function_call_simple /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1176
    … … …
    #368 0x5596f1c55050 in vm_run /home/zxw/jerryscript/jerry-core/vm/vm.c:5312
    #369 0x5596f1c1aafc in ecma_op_function_call_simple /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1176
    #370 0x5596f1c1d62d in ecma_op_function_call /home/zxw/jerryscript/jerry-core/ecma/operations/ecma-function-object.c:1406

SUMMARY: AddressSanitizer: stack-overflow /home/zxw/jerryscript/jerry-core/vm/vm.c:970 in vm_loop
==51718==ABORTING
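
When triaging fuzzer crashes like the one reported above, an ASan stack-overflow whose backtrace is a repeating call cycle can be labelled as unbounded recursion rather than memory corruption. The script below is an added example, not part of the issue or of the JerryScript project. Its sample trace is constructed from the function names visible in the report; the cycle order, `entry_point`, addresses and paths are assumptions.

```python
import re

# One ASan frame: "#12 0x5596f1c55050 in vm_run /path/vm.c:5312"
FRAME_RE = re.compile(r"#(\d+)\s+0x[0-9a-f]+\s+in\s+(\S+)\s+(\S+)")

def parse_frames(report):
    """Return the function names of the backtrace, innermost frame first."""
    # Compare by function name only: frame #0 is the faulting instruction,
    # deeper frames record call sites, so lines in one function can differ.
    return [m.group(2) for m in FRAME_RE.finditer(report)]

def find_cycle(frames, min_repeats=3):
    """Smallest period p at which the trace repeats from frame #0.
    Returns (p, repeats), or None if nothing repeats min_repeats times."""
    n = len(frames)
    for p in range(1, n // min_repeats + 1):
        k = 0
        while k + p < n and frames[k] == frames[k + p]:
            k += 1
        repeats = (k + p) // p
        if repeats >= min_repeats:
            return p, repeats
    return None

def triage(report):
    """Label a report 'unbounded-recursion' when ASan says stack-overflow
    and the backtrace is a repeating call cycle."""
    kind = re.search(r"AddressSanitizer: (\S+)", report)
    frames = parse_frames(report)
    cycle = find_cycle(frames)
    if kind and kind.group(1) == "stack-overflow" and cycle:
        return {"verdict": "unbounded-recursion",
                "cycle": frames[:cycle[0]], "repeats": cycle[1]}
    return {"verdict": "needs-manual-review", "cycle": [], "repeats": 0}

# Constructed sample: the five function names visible in the report above,
# repeated as an assumed call cycle; addresses and paths are made up.
CYCLE = ["vm_loop", "vm_execute", "vm_run",
         "ecma_op_function_call_simple", "ecma_op_function_call"]

def build_sample(depth=40):
    lines = ["==1==ERROR: AddressSanitizer: stack-overflow on address 0x7ffd00000ff8"]
    names = CYCLE * depth + ["entry_point"]  # hypothetical outermost frame
    for i, name in enumerate(names):
        lines.append(f"    #{i} 0x{0x1000 + i:x} in {name} /constructed/{name}.c:1")
    return "\n".join(lines)

if __name__ == "__main__":
    print(triage(build_sample()))
```

Reports that do not match, such as a stack-overflow with no repeating cycle, fall through to `needs-manual-review` instead of being auto-labelled.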
