You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
First observe the stack traceback, as shown in the figure:
There is a problem with CTinyJS :: factor. In the TinyJS.cpp: 1642 line, a 0 pointer reference is sent, as shown in the figure:
The reason for the vulnerability is that when a temporary assignment variable a is generated, it is not verified whether a is empty, and then a-> var refers to a, which causes the vulnerability.
There is a '\ x00' character after the "x:" here, during the parsing process, tiny-js thinks that "x:" is empty, so the base parsing function returns 0, but "a-> var" does not have before the reference Check it, and the vulnerability is generated
The text was updated successfully, but these errors were encountered:
Enviroment
poc:
vulnerability description:
First observe the stack traceback, as shown in the figure:
There is a problem with CTinyJS :: factor. In the TinyJS.cpp: 1642 line, a 0 pointer reference is sent, as shown in the figure:
The reason for the vulnerability is that when a temporary assignment variable a is generated, it is not verified whether a is empty, and then a-> var refers to a, which causes the vulnerability.
There is a '\ x00' character after the "x:" here, during the parsing process, tiny-js thinks that "x:" is empty, so the base parsing function returns 0, but "a-> var" does not have before the reference Check it, and the vulnerability is generated
The text was updated successfully, but these errors were encountered: