Environment
poc:
vulnerability description:
It is a problem with CTinyJS::expression. At line 1776 of TinyJS.cpp, a null pointer dereference is triggered, as shown in the figure:
The reason for the vulnerability is that when a temporary assignment variable a is generated, it is not verified whether a is null, and a->var then dereferences a, which causes the vulnerability.
PoC construction
During the variable declaration, write 0.