Unable to run on Ubuntu 16.04.2

[dave7280]

main@dev:~$ box-js test.js
/usr/local/lib/node_modules/box-js/_run.js:49 let timeout = argv.timeout; ^^^

SyntaxError: Block-scoped declarations (let, const, function, class) not yet supported outside strict mode

Any solution?

[CapacitorSet]

What version of node are you running (node --version)? box-js supports Node 6.0 and newer, mostly because it relies on Proxy that is an ES6 feature.

On October 11, 2017 11:31:10 AM GMT+02:00, dave7280 notifications@github.com wrote:

main@dev:~$ box-js test.js
/usr/local/lib/node_modules/box-js/_run.js:49 let timeout = argv.timeout; ^^^

SyntaxError: Block-scoped declarations (let, const, function, class) not yet supported outside strict mode

-- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/CapacitorSet/box-js/issues/46

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

[dave7280]

Phhh.. v4 :) I will upgrade, i have absolutetly no experience with JS so i had to make this issue. Will let you know whether upgrading solved the problem.

//Edit: Solved. Works now.

[CapacitorSet]

No problem! That's kind of a bug anyway, since it should have been caught in run.js (which I guess only catches 0.12 and previous versions). I'll fix that when I get home.

On October 11, 2017 11:36:07 AM GMT+02:00, dave7280 notifications@github.com wrote:

Phhh.. v4 :) I will upgrade, i have absolutetly no experience with JS so i had to make this issue. Will let you know whether upgrading solved the problem.

-- You are receiving this because you commented. Reply to this email directly or view it on GitHub: https://github.com/CapacitorSet/box-js/issues/46#issuecomment-335753728

-- Sent from my Android device with K-9 Mail. Please excuse my brevity.

[dave7280]

I tried to analyze sample of js code, which i suppose has some anti debugging capabilities by exhausting the heap. Chrome hangs on it while being analyzed, firefox does timeout and ofc your solution does crash as well (node crashes). It's might be good benchmark of your sandbox...

This code is used by "Incapsula" CDN provider so not really malicious but interesting.

Might be good to protect your solution against such tricks.. however not sure how it works. As soon as the code is "beautifuled" in any way, such as new lines and so on the script starts exhausting the heap.

https://pastebin.com/fY4ZCQ4M

<--- Last few GCs --->

27286 ms: Mark-sweep 1382.0 (1434.5) -> 1382.0 (1434.5) MB, 1432.2 / 0.0 ms [allocation failure] [GC in old space requested]. 28337 ms: Mark-sweep 1382.0 (1434.5) -> 1386.9 (1418.5) MB, 1050.3 / 0.0 ms [last resort gc]. 29404 ms: Mark-sweep 1386.9 (1418.5) -> 1391.7 (1418.5) MB, 1067.2 / 0.0 ms [last resort gc].

<--- JS stacktrace --->

==== JS stack trace =========================================

Security context: 0x3821824cf781 2: setCookie [0x382182404381 :~324] [pc=0x192978608c54] (this=0x322d1fc0d721 <an Object with map 0x78df8426a11>,x=0x322d1fc0d759 <JS Array[8515113]>,e=0x382182404381 ,b=0x382182404381 ,_=0x322d1fc0d779 <an Object with map 0x104255ca02a9>) 3: arguments adaptor frame: 3->4 4: / anonymous / [0x382182404381 :355] [pc=0x1929785f7196] (this=0x...

FATAL ERROR: CALL_AND_RETRY_LAST Allocation failed - JavaScript heap out of memory 1: node::Abort() [/usr/bin/node] 2: 0x109f13c [/usr/bin/node] 3: v8::Utils::ReportApiFailure(char const, char const) [/usr/bin/node] 4: v8::internal::V8::FatalProcessOutOfMemory(char const*, bool) [/usr/bin/node] 5: v8::internal::Factory::NewFillerObject(int, bool, v8::internal::AllocationSpace) [/usr/bin/node] 6: v8::internal::Runtime_AllocateInTargetSpace(int, v8::internal::Object*, v8::internal::Isolate) [/usr/bin/node] 7: 0x1929780079a7

[CapacitorSet]

Can't reproduce this, it doesn't crash on my Firefox (FF Nightly 58.0a1 on Arch), nor natively on Node, nor on box-js. However, on box-js it prints an error ("can't read property match of undefined"). On the other platforms it works correctly, printing some code to the console (here).

[CapacitorSet]

I moved the "Can't read property match of undefined" to #47.

[CapacitorSet]

I fixed #147 and pushed a patch (1.9.7). Not sure why it crashes on your device, but it doesn't seem to be a problem in box-js, seeing that I can run the analysis just fine - maybe you're low on memory?. Out of curiosity, try running the file directly in Node.

Closing this for now.