Using our fuzzer, we found multiple invalid read errors in jsvGetAddressOf (src/jsvar.c:117) on a 64-bit Linux machine.
The ASan results look like this:
```
ASAN:DEADLYSIGNAL
=================================================================
==31177==ERROR: AddressSanitizer: SEGV on unknown address 0x602000333348 (pc 0x5609dd3cf645 bp 0x7ffc63aaa710 sp 0x7ffc63aaa6f0 T0)
==31177==The signal is caused by a READ memory access.
#0 0x5609dd3cf644 in jsvGetAddressOf src/jsvar.c:117
#1 0x5609dd3da0bb in jsvFindChildFromString src/jsvar.c:2405
#2 0x5609dd420e45 in graphicsSetVar libs/graphics/graphics.c:129
#3 0x5609dd4d9674 in jswrap_graphics_clear libs/graphics/jswrap_graphics.c:293
#4 0x5609dd3eac70 in jsnCallFunction src/jsnative.c:64
#5 0x5609dd3efa3d in jspeFunctionCall src/jsparse.c:624
#6 0x5609dd3f227e in jspeFactorFunctionCall src/jsparse.c:1224
#7 0x5609dd3f62e3 in jspePostfixExpression src/jsparse.c:1765
#8 0x5609dd3f663a in jspeUnaryExpression src/jsparse.c:1791
#9 0x5609dd3f6cde in jspeBinaryExpression src/jsparse.c:1919
#10 0x5609dd3f6f39 in jspeConditionalExpression src/jsparse.c:1955
#11 0x5609dd3f7675 in jspeAssignmentExpression src/jsparse.c:2020
#12 0x5609dd3f7696 in jspeExpression src/jsparse.c:2026
#13 0x5609dd3fbac3 in jspeStatement src/jsparse.c:2675
#14 0x5609dd3f7c15 in jspeBlockOrStatement src/jsparse.c:2079
#15 0x5609dd3f7d1f in jspParse src/jsparse.c:2091
#16 0x5609dd3fcf8f in jspEvaluateVar src/jsparse.c:2901
#17 0x5609dd3fd2ea in jspEvaluate src/jsparse.c:2933
#18 0x5609dd4a47e5 in main targets/linux/main.c:330
#19 0x7f27c8e4bb96 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
#20 0x5609dd3bff69 in _start (/home/hongxu/tests/Espruino-asan/espruino+0x35f69)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV src/jsvar.c:117 in jsvGetAddressOf
==31177==ABORTING
```
crash input files:
test_0.txt
test_1.txt
test_2.txt