You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When a special input is constructed, the Lua engine fails to parse the input and crashes.
For details about the special input, see poc1 to poc3 in the attachment.
When poc1 and poc3 are entered, a segment error occurs in the lj_str_original_hash function, resulting in crash.
When poc2 is entered, a segment error occurs after the lj_BC_JMP function is called, causing the system crash.
pls comfirm above, from Huawei & Tencent Enke Laboratory.
are these made by lj itself, or are they made up things? in the 1st case, its a bug, in the 2nd case, dont run anything that cant be trusted, especially bytecode, as thats really not a planned use case...
When a special input is constructed, the Lua engine fails to parse the input and crashes.
For details about the special input, see poc1 to poc3 in the attachment.
When poc1 and poc3 are entered, a segment error occurs in the lj_str_original_hash function, resulting in crash.
When poc2 is entered, a segment error occurs after the lj_BC_JMP function is called, causing the system crash.
pls comfirm above, from Huawei & Tencent Enke Laboratory.
poc1.txt
poc2.txt
poc3.txt
The text was updated successfully, but these errors were encountered: