When a special input is constructed, the Lua engine fails to parse the input and crash. #96
Comments
|
hi there! :) are these made by lj itself, or are they made up things? in the 1st case, its a bug, in the 2nd case, dont run anything that cant be trusted, especially bytecode, as thats really not a planned use case... |
|
and in the 1st case, could u show them before compiling? :D |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When a special input is constructed, the Lua engine fails to parse the input and crashes.
For details about the special input, see poc1 to poc3 in the attachment.
When poc1 and poc3 are entered, a segment error occurs in the lj_str_original_hash function, resulting in crash.
When poc2 is entered, a segment error occurs after the lj_BC_JMP function is called, causing the system crash.
pls comfirm above, from Huawei & Tencent Enke Laboratory.
poc1.txt
poc2.txt
poc3.txt
The text was updated successfully, but these errors were encountered: