Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x18e506) #72

Closed
hope-fly opened this issue Dec 24, 2021 · 0 comments
Closed

SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x18e506) #72

hope-fly opened this issue Dec 24, 2021 · 0 comments

Comments

@hope-fly
Copy link

hope-fly commented Dec 24, 2021
edited
Loading

Jsish revision

Commit: 9fa798e

Version: v3.5.0

Build platform

Ubuntu 18.04.5 LTS (Linux 5.4.0-44-generic x86_64)

Build steps
export CFLAGS='-fsanitize=address'
make
Test case
var lastIndexReads;
var result;
var r = /a/g;

function JSEtest(_value) {
  r.lastIndex = -Infinity;
  lastIndexReads = 0;
}

JSEtest(9);
result = r.exec('abc');

Execution steps & Output
$ ./jsish/jsish poc.js
ASAN:DEADLYSIGNAL
=================================================================
==119220==ERROR: AddressSanitizer: SEGV on unknown address 0x603f80019c20 (pc 0x7f2d155e4507 bp 0x000000000000 sp 0x7ffd01763808 T0)
==119220==The signal is caused by a READ memory access.
    #0 0x7f2d155e4506  (/lib/x86_64-linux-gnu/libc.so.6+0x18e506)
    #1 0x7f2d15557743 in regexec (/lib/x86_64-linux-gnu/libc.so.6+0x101743)
    #2 0x562082528c68 in jsi_RegExpMatches src/jsiRegexp.c:235
    #3 0x56208252a51b in RegexpExecCmd src/jsiRegexp.c:323
    #4 0x562082585818 in jsi_FuncCallSub src/jsiProto.c:244
    #5 0x56208284f71a in jsiFunctionSubCall src/jsiEval.c:796
    #6 0x56208284f71a in jsiEvalFunction src/jsiEval.c:837
    #7 0x56208284f71a in jsiEvalCodeSub src/jsiEval.c:1264
    #8 0x56208286315e in jsi_evalcode src/jsiEval.c:2204
    #9 0x562082867274 in jsi_evalStrFile src/jsiEval.c:2665
    #10 0x56208255666a in Jsi_Main src/jsiInterp.c:936
    #11 0x562082d5b03a in jsi_main src/main.c:47
    #12 0x7f2d15477bf6 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
    #13 0x5620824ea969 in _start (/usr/local/bin/jsish+0xe8969)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x18e506)

Credits: Found by OWL337 team.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@hope-fly