SEGV src/mjs_gc.c:190:11 in gc_sweep #241

Open
z1r00 opened this issue Mar 6, 2023 · 0 comments
SEGV src/mjs_gc.c:190:11 in gc_sweep

project address

https://github.com/cesanta/mjs

info

OS: Ubuntu 20.04 LTS

Build: $(DOCKER_CLANG) -fsanitize=address $(CFLAGS) $(TOP_MJS_SOURCES) $(TOP_COMMON_SOURCES) -o $(PROG)

PoC

https://github.com/z1r00/fuzz_vuln/blob/main/mjs/SEGV/mjs_gc/poc6.zip

ASAN Info

./mjs poc6.js

AddressSanitizer:DEADLYSIGNAL
=================================================================
==2926144==ERROR: AddressSanitizer: SEGV on unknown address 0x7fff89960675 (pc 0x0000004e2647 bp 0x7fffffffe030 sp 0x7fffffffdb98 T0)
==2926144==The signal is caused by a READ memory access.
    #0 0x4e2647 in gc_sweep /home/ubuntu/asan_fuzz_mjs/mjs/src/mjs_gc.c:190:11

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /home/ubuntu/asan_fuzz_mjs/mjs/src/mjs_gc.c:190:11 in gc_sweep
==2926144==ABORTING