Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
I've discovered a NULL pointer de-reference condition within Jerryscript.
If the bytes - "0x27 0x5c 0xe2 0x80 0xa8 0x27 0x41" are evaluated by jerry_eval a segmentation fault will occur resulting in a denial of service.
It occurs within jmem_heap_free_block when block_p->size is de-referenced.
Proof
The call tree is as follows (generally):
The text was updated successfully, but these errors were encountered:
@JeffJerseyCow thanks for the bug report and sorry for the late answer. I can confirm this is a valid bug. We'll fix it.
Sorry, something went wrong.
Do not allocate memory for zero length strings.
03a8c63
Fixes jerryscript-project#1821. JerryScript-DCO-1.0-Signed-off-by: Zoltan Herczeg zherczeg.u-szeged@partner.samsung.com
Do not allocate memory for zero length strings. (#1844)
e58f288
Fixes #1821. JerryScript-DCO-1.0-Signed-off-by: Zoltan Herczeg zherczeg.u-szeged@partner.samsung.com
No branches or pull requests
I've discovered a NULL pointer de-reference condition within Jerryscript.
If the bytes - "0x27 0x5c 0xe2 0x80 0xa8 0x27 0x41" are evaluated by jerry_eval a segmentation fault will occur resulting in a denial of service.
It occurs within jmem_heap_free_block when block_p->size is de-referenced.
Proof

The call tree is as follows (generally):
The text was updated successfully, but these errors were encountered: