gfwilliams / tiny-js

Automatically exported from code.google.com/p/tiny-js
MIT License

Null pointer dereference #29

Open bird8693 opened 4 years ago

bird8693 commented 4 years ago

Environment

operating system: ubuntu18.04
compile command: make
test command: ./run_tests  poc

poc:

https://drive.google.com/open?id=1meBXekOMSdT8jc_kxuSoqlB2oL3jLqIj

# vulnerability description:
It is a null pointer dereference. Here is where it crashed; you can see the value of rax is 0:

[image]

But the crash point has a reference to rax: [image]