Open vincenttesla opened 4 years ago
Hi team,
I found 18 segmentation faults in file mjs.c. They can trigger crashes in different places. These crashes can be reproduced on the master branch. I found them by using an improved version of AFL.
reproductions.zip contains the reproduction files.
Usage:
$ mjs -f [reproduction js_file]
I compiled the program using the following instructions:
$ clang -DMJS_MAIN mjs.c -ldl -g -O0 -o mjs
For the specific error message, see "crash-messages.txt". Some crashes may be caused by "access out of bound memory", similar to issue113.
Maybe I can help. :)
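Added triage helper, not part of this report or of the mjs project: it runs every reproduction file through an mjs binary built as above but with `-fsanitize=address` added, and buckets the crashes by sanitizer error kind plus the first stack frame inside mjs.c, so the 18 files can be grouped by likely root cause before fixing. The binary path `./mjs`, the `reproductions` directory name, the timeout and the function names in the comments are assumptions.

```python
"""Bucket mjs crash reproductions by sanitizer error kind and first mjs.c frame."""
import re
import subprocess
import sys
from collections import defaultdict
from pathlib import Path

# Assumed build: clang -DMJS_MAIN -fsanitize=address mjs.c -ldl -g -O0 -o mjs
MJS_BIN = "./mjs"          # assumed location of the instrumented binary
TIMEOUT_S = 10             # assumed per-file limit; hangs are bucketed separately

# "ERROR: AddressSanitizer: heap-buffer-overflow on address ..." -> kind
ASAN_KIND = re.compile(r"ERROR: AddressSanitizer: ([\w-]+)")
# "#0 0x4f1a2b in some_function /path/mjs.c:4321:12" -> (function, line)
MJS_FRAME = re.compile(r"#\d+ 0x[0-9a-f]+ in (\w+) \S*mjs\.c:(\d+)")


def classify(stderr: str, returncode: int) -> str:
    """Reduce one run's stderr and exit status to a bucket key."""
    kind = ASAN_KIND.search(stderr)
    if kind is None:
        # No sanitizer report: a negative code means death by signal
        # (e.g. -11 for SIGSEGV on a non-instrumented build).
        return f"signal{-returncode}" if returncode < 0 else "no-crash"
    frame = MJS_FRAME.search(stderr)
    loc = f"{frame.group(1)}:{frame.group(2)}" if frame else "unknown-frame"
    return f"{kind.group(1)}@{loc}"


def run_one(path: Path) -> str:
    """Run `mjs -f <file>` and classify the outcome."""
    try:
        proc = subprocess.run([MJS_BIN, "-f", str(path)], capture_output=True,
                              text=True, timeout=TIMEOUT_S)
    except subprocess.TimeoutExpired:
        return "timeout"
    return classify(proc.stderr, proc.returncode)


def triage(paths):
    """Map bucket key -> list of reproduction file names."""
    buckets = defaultdict(list)
    for path in paths:
        buckets[run_one(path)].append(path.name)
    return dict(buckets)


if __name__ == "__main__":
    repro_dir = Path(sys.argv[1] if len(sys.argv) > 1 else "reproductions")
    for key, names in sorted(triage(sorted(repro_dir.iterdir())).items()):
        print(f"{key}: {len(names)} file(s): {', '.join(names)}")
```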