search

ExpoSEJS / ExpoSE

A Dynamic Symbolic Execution (DSE) engine for JavaScript. ExpoSE is highly scalable, compatible with recent JavaScript standards, and supports symbolic modelling of strings and regular expressions.
MIT License
183 stars 36 forks source link

hasOwnProperty will return undefined when running in ExpoSE #89

Closed cl0udz closed 4 years ago

cl0udz commented 4 years ago

Thanks for your work. ExpoSE is easy to use and well-written as a symbolic execution framework. But recently I found a bug. I'll appreciate it if you can help me solve it.

Here is the PoC.

var a = {name: "myname"};

if(a.hasOwnProperty("name"))
    console.log('correct');
else
    console.log('wrong');

When directly run the script, it will print "correct". But if I use ExpoSE to analyze it, hasOwnProperty will return undefined and "wrong" will be printed. I tried to find the bug in Analyzer but for now, I still have no idea why this happens.

jawline commented 4 years ago

Small bug with the hasOwnProperty model. I just committed a fix. Thank you for the bug report :)