[v8-dev] Issue 3875 in v8: Null ptr deref in is_one_byte

Sat, 07 Feb 2015 13:15:05 -0800 

Status: New
Owner: ----

New issue 3875 by [email protected]: Null ptr deref in is_one_byte
https://code.google.com/p/v8/issues/detail?id=3875

echo '`${0}\u' >crash
$ ./shell crash

Tested with d962c092f30642bcff30dc32744715b8d0987fdd.
==28751==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x000000e722c3 bp 0x7fffffffbb80 sp 0x7fffffffbb80 T0) #0 0xe722c2 in is_one_byte /home/lcamtuf/afl/SRC/v8_stuff/v8/out/.././src/scanner.h:235:30 #1 0xe722c2 in is_literal_one_byte /home/lcamtuf/afl/SRC/v8_stuff/v8/out/.././src/scanner.h:624 #2 0xe722c2 in v8::internal::Scanner::CurrentSymbol(v8::internal::AstValueFactory*) /home/lcamtuf/afl/SRC/v8_stuff/v8/out/../src/scanner.cc:1302 #3 0xdd7f07 in v8::internal::Parser::AddTemplateSpan(v8::internal::ParserTraits::TemplateLiteral**, bool) /home/lcamtuf/afl/SRC/v8_stuff/v8/out/../src/parser.cc:5237:28 #4 0xddf04b in AddTemplateSpan /home/lcamtuf/afl/SRC/v8_stuff/v8/out/.././src/parser.h:991:3 #5 0xddf04b in v8::internal::ParserBase<v8::internal::ParserTraits>::ParseTemplateLiteral(v8::internal::Expression*, int, bool*) /home/lcamtuf/afl/SRC/v8_stuff/v8/out/.././src/preparser.h:2975 #6 0xde31b4 in v8::internal::ParserBase<v8::internal::ParserTraits>::ParsePrimaryExpression(bool*) /home/lcamtuf/afl/SRC/v8_stuff/v8/out/.././src/preparser.h:1943:11 #7 0xde1c28 in v8::internal::ParserBase<v8::internal::ParserTraits>::ParseMemberExpression(bool*) /home/lcamtuf/afl/SRC/v8_stuff/v8/out/.././src/preparser.h:2752:14 #8 0xdc6102 in v8::internal::ParserBase<v8::internal::ParserTraits>::ParseLeftHandSideExpression(bool*) /home/lcamtuf/afl/SRC/v8_stuff/v8/out/.././src/preparser.h:2572:24 
...

--
You received this message because this project is configured to send all issue notifications to this address. 
You may adjust your notification preferences at:
https://code.google.com/hosting/settings

--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
--- You received this message because you are subscribed to the Google Groups "v8-dev" group. 
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

Reply via email to